Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • NYDFS to study overdraft fees

    State Issues

    On July 15, New York’s governor signed S9348, directing the superintendent of NYDFS to conduct a study of overdraft fees in the state. (See also NYDFS press release here.) The study will examine, among other things: (i) the total amount of overdraft fees paid in the state; (ii) the geographical distribution of these fees; (iii) whether certain communities have higher rates of overdraft fees than others and the possible reason for such high rates; (iv) “the percentage of overdraft fees reduced through direct or indirect negotiation”; and (v) the enumeration of consumer rights related to overdraft fee negotiations. The results of the study are to be delivered within one year to the governor, the temporary president of the senate, and the speaker of the assembly. The act is effective immediately.

    State Issues State Legislation New York Overdraft NYDFS Consumer Finance State Regulators

  • DFPI issues proposal on debt collection licensing

    On July 15, the California Department of Financial Protection and Innovation (DFPI) issued an invitation for comments on draft text for a proposed second rulemaking (NPRM) related to the scope, annual report, and document retention requirements under the Debt Collection Licensing Act (the Act). As previously covered by InfoBytes, in 2020, California passed and adopted the Act, which requires a person engaging in the business of debt collection in California to be licensed and provides for the regulation and oversight of debt collectors by DFPI. Previously, DFPI issued an NPRM (which was later amended) to adopt new debt collector licensing requirements by regulation (covered by InfoBytes here).

    The newest NPRM follows an August 2021 initial request for comments on anticipated rulemaking related to the scope, annual report, and bond amount increase provisions of the Act (covered by InfoBytes here). The NPRM seeks input from stakeholders on topics related to:

    • Definitions and terms. Amendments and expansions to certain defined terms, including “employee,” “engage in the business of debt collection,” and “net proceeds generated by California debtor accounts.”
    • Exemptions. Under the NPRM, employees of debt collectors will not be required to be licensed under the Act “when acting within the scope of their employment” with a licensed debt collector. Additionally, the Act’s listed exemptions apply only to the underlying applicant or licensee—the exemption is not applicable to parent entities, subsidiaries, or to affiliates. The NPRM further provides that creditors collecting consumer debts in their own names are not considered to be debt collectors for licensing purposes, unless they meet certain criteria. The NPRM also lists other exemptions for persons solely servicing non-defaulted debts on behalf of an original creditor, healthcare providers, local, state, or federal government bodies, or public utilities acting under the supervision of the California Public Utilities Commission.
    • Consumer credit transactions. The NPRM specifies that the following types of debt are not considered “consumer debt” to be regulated under the Act: most residential rental debt, debt owed to an HOA or other equivalent written agreement, deferred debt from a consumer’s acquisition of healthcare or medical services, and failed personal checks.
    • Annual reports. The NPRM’s reporting requirements state, with respect to annual reporting requirements, that the “total number of California debtor accounts should be counted by transaction, not by debtor” (i.e., should a single debtor have multiple accounts, each account should be counted separately). The NPRM also outlines criteria for reporting the total number of accounts and dollar amounts.
    • Record retention. With respect to document retention, licensees will be obliged to follow specific criteria for preserving the records “of any contact with, or attempt to contact, anyone associated with a debtor account, regardless of who initiated the contact and whether the attempt at contact is successful.” Licensees will be required to retain this information, as well as additional documents, for at least seven years after the account is settled, returned to the creditor, sold, or collection attempts have stopped.

    Comments to the NPRM are due August 29.

    Licensing State Issues State Regulators DFPI California Debt Collection

  • New Jersey warns licensed “teams” about violating state real estate statute

    On July 12, the New Jersey Department of Banking and Insurance issued Bulletin No. 22-07 to remind real estate licensees (particularly licensees operating as a “team”), and brokers of record who are responsible for managing and supervising teams, of the requirement to ensure compliance with the Real Estate Broker and Salesperson Act and related regulations. Explaining that real estate “teams” are a growing trend in the industry, the Bulletin warned that while a team may “appear to operate independent of the brokerage firm through which they are licensed,” the team is not actually a separate brokerage, and “teams, their team leaders, team members and their supervising brokers must comply with the act and regulations.” The Bulletin continued that “[l]icensees can only accept compensation, including commissions, from their employing broker, and not a member of their team or their team leader. . . . Further, teams may not operate out of a separate, satellite office, unless such location is properly licensed with the New Jersey Real Estate Commission and maintained and supervised in accordance with the act and regulations.” The Bulletin also addressed advertising and webpage requirements for licensees.

    Licensees who fail to comply with the regulations may be subject to fines, potential license suspension or revocation. Brokers who fail to supervise licensees or team members are subject to these penalties as well.

    Licensing State Issues New Jersey Mortgages State Regulators

  • Connecticut fines collection agency $10,000 for violating usury laws

    State Issues

    On June 28, the Connecticut Department of Banking issued a consent order against a licensed consumer collection agency for allegedly engaging in numerous violations of state law. These include (i) collecting on loans made by unlicensed lenders affiliated with federally-recognized Native American tribes that violate state usury laws; (ii) commingling operating monies from its business account with funds in its trust accounts; and (iii) engaging in unfair or deceptive acts or practices by advertising financial products and services of unlicensed affiliates in communications with consumers. According to the order, an examination found that the company collected on loans made by unlicensed lenders affiliated with Native American tribes that charged interest rates exceeding state limits, and that the company received payments on small loans that violated other state statutes. The Connecticut Department of Banking noted that, pursuant to a Connecticut Supreme Court decision in Great Plains Lending, LLC v. Department of Banking, consumer collection agencies are prohibited “from collecting on small loans made by unlicensed persons, including lenders affiliated with Native American tribes." Such loans are considered void and unenforceable, the Department said.

    While the company neither admitted nor denied any of the allegations, it voluntarily agreed to the imposition of sanctions to obviate the need for formal administrative proceedings. Under the terms of the consent order, the company must pay a $10,000 civil penalty, refund all amounts collected from Connecticut borrowers as payment on small loans made by unlicensed lenders affiliated with federally recognized Native-American tribes, implement appropriate policies and procedures, cease and desist from soliciting financial services products in its collection communications with consumers, and cease and desist from collecting, attempting to collect, and receiving payment on small loans not made in compliance with state law.

    State Issues Licensing Enforcement State Regulators Connecticut Usury Consumer Finance Tribal Lending

  • NYDFS releases best practices for promoting PSLF program and time-limited waiver

    State Issues

    On July 13, NYDFS called on all federal student loan servicers to increase awareness of and enroll borrowers in public service loan forgiveness programs before a temporary waiver expires on October 31. NYDFS’s letter reminded servicers that under the Public Service Loan Forgiveness (PSLF) program, full-time government and certain non-profit employees may be eligible to have federal direct loans forgiven after making 120 qualifying monthly payments. Last October, the Department of Education announced temporary PSLF changes due to the Covid-19 pandemic. These changes provided qualifying borrowers a time-limited PSLF waiver, which allows all payments to count towards PSLF regardless of loan program or payment plan (covered by InfoBytes here). Expressing concerns that many borrowers may not learn of this opportunity before it expires in October, NYDFS encouraged servicers to adopt eight best practices to promote awareness of the PSLF Program and the waiver. These include “enhanced trainings for customer service staff, proactive communications with borrowers, and increased promotion of the PSLF program on servicer websites and on borrower account pages,” NYDFS said in its announcement.

    The letter follows a December 2021 NYDFS request sent to federal student loan servicers asking for updates on steps taken to address the waived rules. NYDFS also reminded servicers that it “will diligently enforce all servicer legal requirements concerning the PSLF program and will consider the extent to which servicers engaged in proactive measures to promote the PSLF Waiver in future supervisory examinations.”

    State Issues New York State Regulators NYDFS Student Lending PSLF Covid-19 Consumer Finance Department of Education Student Loan Servicer

  • NYDFS issues overdraft and NSF fee guidance

    State Issues

    On July 12, NYDFS issued guidance in an industry letter to regulated banking institutions, calling into question bank practices that can cause consumers to receive multiple overdraft and non-sufficient funds (NSF) fees from a single transaction. The industry letter identifies three specific types of fee practices as unfair or deceptive:

    • Charging overdraft fees for “authorize positive, settle negative” transactions, where consumers are charged an overdraft fee even if they have sufficient money in their account when a bank approves a transaction, but the balance is negative when the payment is settled. Per NYDFS, imposing an overdraft fee in this situation is unfair because, among other things, consumers “have no control over or involvement in” when or how their debit transactions get settled.
    • Charging “double fees” to consumers for a failed overdraft protection plan transfer, which occurs when a bank goes to transfer money from one deposit account to another deposit account to cover an overdraft transaction, but the first account lacks sufficient funds to cover the overdraft. Per NYDFS, double fees injure consumers “by imposing fees for a transfer that provides no value to the consumer and is not reasonably avoidable by consumers, who have no reason to expect that they will be charged a fee for an overdraft protection transfer that does not in fact protect them against an overdraft.”
    • Charging NSF representment fees when a merchant tries several times to process a transaction that is deemed an overdraft and the bank charges a fee for each blocked representment without adequate disclosure. Banks that currently charge multiple NSF fees should “make clear, conspicuous, and regular disclosure to consumers that they may be charged more than one NSF fee for the same attempted debit transaction,” NYDFS stated. Additionally, banks are advised to consider other steps to mitigate the risk that consumers are charged multiple NSF fees, including limiting time periods for when multiple NSF fees may be charged, performing periodic manual reviews to identify instances of multiple NSF Fees, and offering refunds to affected consumers. NYDFS “ultimately expects [i]nstitutions will not charge more than one NSF fee per transaction, regardless of how many times that transaction is presented for payment,” the industry letter said.

    NYDFS informed regulated entities that it will evaluate whether they “are engaged in deceptive or unfair practices with respect to overdraft and NSF fees in future Consumer Compliance and Fair Lending examinations.”

    State Issues State Regulators NYDFS Consumer Finance New York Overdraft NSF Fees Unfair Deceptive

  • Collection agency to pay $10,000 for operating without a license in Connecticut

    State Issues

    On June 24, the Connecticut Department of Banking issued a consent order against a company for operating as a consumer collection agency without obtaining the proper license. According to the order, the company filed a consumer collection agency license application in Connecticut in June 2020. However, during its review of the company’s application, the Department of Banking discovered that it had been operating as a consumer collection agency without a license in the state since 2019. Under the terms of the consent order, the company must pay a civil penalty fine of $10,000, and pay $800 to cover licensing fees.

    State Issues Licensing Connecticut State Regulators Enforcement

  • DFPI concludes MTA licensure not required for donations to NPOs

    Recently, the California Department of Financial Protection and Innovation (DFPI) released a new opinion letter covering aspects of the California Money Transmission Act (MTA) related to certain agent of payee requirements. The redacted opinion letter examines whether the inquiring company’s product for donations to nonprofit organizations (NPOs) is exempt from the MTA. DFPI also reviewed whether: (i) money held by the company in an operating account, related to MTA-exempt activities such as NPO donations, is stored value; and (ii) closed loop transactions, and specific bank-issued open-loop gift cards without cash access, are exempt from the MTA. The Washington state-headquartered company sells reward programs to businesses that are used to incentivize purchases by their customers, reward customer loyalty, and reward employee performance. The opinion letter does not address closed loop gift cards and open loop gift cards, as DFPI previously issued an opinion letter regarding these products on February 19, 2020, nor does it address a yet-to-be introduced reward program that deposits cash into a recipient’s account or provides credit to a specified credit card as the company already acknowledges that this service constitutes regulated activity under the MTA. 

    However, the opinion letter does address circumstances when an NPO donation is selected by a recipient from the company’s reward options. In this instance, the reward amount is transferred from the company’s operating account to its custodial bank account designated “For the Benefit Of Customers” held at a national bank. The company then “aggregates contributions to each NPO and distributes these amounts, less its 8% administrative fee, directly to the NPOs on a weekly basis.” According to the company, “[f]unds do not move out of the NPO Account until these payments are made and the NPO Account is not used for any purposes other than NPO Donations.” DFPI concluded that the company’s current NPO agreement satisfies the agent of payee requirements for exemption from the MTA, and that as such, NPO donations are not a regulated activity. Specifically, the company’s NPO agreement provides that the company is appointed as the NPO’s agent and is obligated to remit all funds collected on the NPO’s behalf to the NPO. Receipt of the funds from the company’s client “constitutes receipt by the NPO, even if the NPO does not receive the funds from [the client].” The company, and not the client or recipient, is solely responsible to the NPO, DFPI said, adding that “[c]lient funds temporarily being held in [the company’s bank] operating account in prepayment for closed loop gift cards, bank-issued open loop gift cards, and NPO donations are not stored value.”

    Licensing State Issues DFPI Nonprofit California Money Transmission Act California State Regulators

  • Louisiana proposes virtual currency business licensing rules

    On June 20, the Louisiana Office of Financial Institutions (OFI) published proposed rules in the Louisiana Register to implement the Louisiana Virtual Currency Business Act (VCBA), which governs the licensing process for businesses or individuals who are currently operating, or intend to soon begin operating, a virtual currency business in the state. As previously covered by InfoBytes, the Act (HB 701), which took effect August 1, 2020, provides for the licensing and regulation of virtual currency businesses in the state. Subject to certain exceptions, the bill establishes licensing and registration requirements, and, among other things, (i) authorizes reciprocity of licensure with other states; (ii) specifies that licensee applications must be submitted through the Nationwide Multi-State Licensing System; (iii) adds provisions related to licensee examinations; (iv) outlines licensee surety bond requirements “based on the nature and extent of risks in the applicant’s virtual currency business model”; (v) provides the state’s office of financial institutions with enforcement authority; and (vi) prohibits licensees from engaging in unfair, deceptive, or fraudulent practices. 

    The proposed rules are intended to enable OFI to achieve its regulatory goals and supervision and oversight of such persons included within the scope of the VCBA in an efficient, effective manner. OFI also proposes to implement a fee structure to cover regulatory and supervisory costs in order for the agency to effectively ensure compliance with the VCBA, and allow for licensure and registration of covered persons. Among other things, the proposed rules:

    • Outline various definitions, including terms related to control, net worth, unfair or deceptive acts or practices, and unfair or unsound acts or practices.
    • Describe processes for the approval of a control person or approval of a change in control; licensing renewal or registration notice; determination of net worth; examination and investigation procedures; and requirements for reporting, recordkeeping, and implementation of policies and procedures.
    • Stipulate that “failure to provide any disclosure or disclosures required by Subsection 1931(C) of this rule shall be an unfair or deceptive act or practice for purposes of taking enforcement action against a licensee, registrant, or person that is neither a licensee nor registrant but is engaging in virtual currency business activity or activities.” While the proposed rules do not specifically identify the required disclosures, they state that the “commissioner shall also determine, by policy, the time and form required for such disclosures. Disclosures required by this section must be made separately from any other information provided by the licensee to a person and in a clear and conspicuous manner. A licensee may propose, for the commissioner’s approval, alternate disclosures as deemed more appropriate for its virtual currency business activity with, or on behalf of, persons in Louisiana.”
    • Clarify that an unsafe or unsound act or practice includes engaging in an activity “which creates the likelihood of material loss, insolvency, dissipation of the licensee’s or registrant’s assets, materially prejudices the interests of its customers, and any other set of facts and circumstances, as determined by the commissioner in his discretion.”
    • Allow the commissioner to assess a civil penalty for violations of the VCBA (or any rule promulgated pursuant to the VCBA or an commissioner-issued orders) not to exceed $1,000 for each violation.

    The proposed rules provide that “[n]oncompliance with any provisions of the VCBA, including but not limited to any provisions pertaining to ownership, control, security, net worth, registration, or failure to pay any fee may likewise be considered in determining whether to deny issuance or renewal of a license or notice of registration.” Once the rules are implemented, any person already engaged in virtual currency business activity or activities in the state must either apply for a license or file a notice of registration, and submit a completed application within 90 days of the effective date. Persons engaged in virtual currency business activity that fail to submit a completed licensing application or notice of registration within 90 days of the effective date of the rules shall be deemed to be conducting unlicensed or unregistered virtual currency business activity or activities and will be subject to civil and criminal penalties. Starting November 1, 2023, “all applications for renewal for all licenses and notices of registration to engage in virtual currency business activities shall begin submitting an application or notice of registration for renewal on the first day of November of each calendar year.”

    Comments on the proposed rules are due July 10.

    Licensing Digital Assets State Issues State Regulators Louisiana Virtual Currency Agency Rule-Making & Guidance

  • NYDFS imposes $5 million fine against cruise line for cybersecurity violations

    Privacy, Cyber Risk & Data Security

    On June 24, NYDFS announced a consent order imposing a $5 million fine against a group of Florida-based cruise lines for alleged violations of the state’s Cybersecurity Regulation (23 NYCRR Part 500). According to a Department investigation, the companies were subject to four cybersecurity incidents between 2019 and 2021 (including two ransomware attacks). The companies determined that unauthorized parties gained access to employee email accounts, and that, through a series of phishing emails, the parties were able to access email and attachments containing personal information belonging to the companies’ consumers and employees. NYDFS claimed that although the companies were aware of the first cybersecurity event in May 2019, they failed to notify the Department as required under 23 NYCRR Part 500 until April 2020. The investigation further showed that the companies allegedly failed to implement multi-factor authentication and did not provide adequate cybersecurity training for their personnel. NYDFS determined that in addition to the penalty, since the companies were licensed insurance producers in the state at the time of the cybersecurity incidents they would be required to surrender their insurance provider licenses.

    The settlement follows a $1.25 million data breach settlement reached with 45 states and the District of Columbia on June 22 (covered by InfoBytes here).

    Privacy/Cyber Risk & Data Security State Issues NYDFS State Regulators Enforcement Settlement Data Breach 23 NYCRR Part 500

Pages

Upcoming Events