Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On July 7, the Connecticut governor signed SB 848, which, among other things, amends certain mortgage licensing provisions in the state’s banking statutes. Amendments include defining “residential mortgage loan” to include a “shared appreciation agreement” which is defined as “a nonrecourse obligation in which an advance sum of monetary value is extended to a consumer, as a lump sum or otherwise, in exchange for an equity interest in a dwelling, residential real estate or a future obligation to repay a sum upon the occurrence of an event, including, but not limited to, the transfer of ownership, repayment maturity date, death of the consumer or as outlined and explicitly agreed to within said agreement.” Amendments also include defining an “out-of-state mortgage loan originator” as “an individual who maintains a unique identifier through the system and holds a valid mortgage loan originator license issued pursuant to the laws of any state other than this state.” Additionally, effective October 1, all individuals must “obtain a mortgage loan originator license prior to conducting such business unless such individual does not engage directly in the activities of a mortgage loan originator or conducts such business pursuant to the temporary authority provided in subsection (e).”
New Subsection (e) provides that individuals employed by a person licensed as a mortgage lender, mortgage correspondent lender, or mortgage broker in the state will be granted temporary authority to act as a mortgage loan originator in the state for the certain period of time, provided the individual meets certain specified criteria, including that the individual has not had a loan originator licensing application denied, has not had a loan originator license revoked or suspended, has not been subject to, or served with, a cease and desist order in any governmental jurisdiction or by the CFPB, has not been convicted of a misdemeanor or felony that would preclude licensure in this state, and was registered in the system as a registered loan originator during the one-year period immediately preceding the date on which the individual submitted an application and supporting materials. Temporary licenses will remain effective until a determination is made on the status of a permanent license, and temporarily licensed individuals will “be subject to the laws of this state to the same extent as if the individual is licensed as a mortgage loan originator in this state.” The amendments are effective October 1.
On July 7, the Connecticut governor signed SB 890, which requires student loan servicers of federal student loans to register with the Department of Banking commissioner and comply with various state requirements and consumer protection mandates. The act now requires, subject to certain exemptions, entities servicing federal student loans (directly or indirectly) to obtain a license from the commissioner. Private student loan servicers are also still required to obtain licenses from the commissioner, and no licensee or registrant will be permitted to use any name other than its legal name or a fictitious name approved by the commissioner. Among other things, the act’s amendments provide new definitions and outline servicer duties, responsibilities, and prohibitions. Additionally, the amendments grant the commissioner the authority to impose civil penalties for violations of the act’s provisions after providing notice and an opportunity for hearing, and permits the commissioner to “suspend, revoke or refuse to renew any registration filed pursuant to section 3 of this act if any fact or condition exists which, if it had existed at the time of filing for registration, would have precluded eligibility for such registration.” The amendments took effect July 1.
On June 29, the Colorado governor signed SB21-057, which expands the Colorado Student Loan Servicers Act by adding new provisions covering private lenders, creditors, and collection agencies connected to postsecondary non-federal student loans. The act adds “Part 2” to the Colorado Revised Statutes, which, among other things, provides new definitions and stipulates that on or after September 1, lenders may not offer or make a private education loan to a state resident without first registering with the administrator and then annually providing specific loan data and contact information. Additionally, the act (i) outlines cosigner disclosure requirements and specifies that private education lenders are required to grant a release to cosigners provided certain conditions are met; (ii) provides that if a cosigner dies, the lender will not attempt to collect against the cosigner’s estate except for payment default; (iii) expands disability discharge requirements so that a borrower or cosigner may be released from payment obligations if permanently disabled; (iv) requires lenders to provide additional disclosures related to loans that will be used to refinance an existing loan; (v) outlines prohibited conduct concerning unfair, deceptive, or abusive acts or practices, such as placing a loan into default or accelerating a loan while a borrower is seeking a loan modification or enrolling in a flexible repayment plan; (vi) discusses debt collection prerequisites; and (vii) allows borrowers to bring a private right of action, including a counterclaim, against a lender or collection agency to recover or obtain actual damages or $500 (whichever is greater), restitution, punitive damages, injunctive relief, credit report corrections, attorney fees and costs, among others. Additionally, if it is proven that a lender or a collection agency has provided false information, the court will award the borrower the greater of treble damages or $1,500. Moreover, a violation of Part 2 is defined as a deceptive trade practice. Lenders or collection agencies that fail to comply with the outlined provisions will be liable for, among other things, actual damages sustained by a borrower or cosigner, as well as a monetary award equal to three times the total amount collected from the borrower in violation of Part 2. The act takes effect immediately.
On July 13, the Connecticut governor signed SB 716 to provide additional protections for student loan borrowers and impose new requirements on student loan servicers. Among other things, the act requires servicers to provide certain information to borrowers and cosigners regarding their rights and responsibilities, including cosigner release eligibility and the cosigner release application process. The law also prohibits a student loan servicer from engaging in an abusive act or practice when servicing a student loan and expands the definition of “servicing” in state student loan servicer law. The law provides a list of exempt persons, which includes banks and credit unions and their wholly-owned subsidiaries. The act states it took effect July 1.
On July 13, the New York governor signed S.3941, which expands the state’s definition of telemarketing to include marketing by text message. A press release issued by the governor noted that expanding the definition closes a loophole in state law that previously limited the definition to phone calls, including unwanted robocalls. “Electronic text messages to  mobile devices have become the newest unwelcomed invasive marketing technique. Consumers should not be burdened with excessive and predatory telemarketing in any form, including text messages,” the press release stated. The act takes effect 30 days after becoming law.
On July 12, Colorado enacted HB 1282, which creates the Colorado Nonbank Mortgage Servicers Act under Article 21 and provides additional consumer protections through the regulation of mortgage servicers. Under the act, a mortgage servicer does not include, among others: supervised financial organizations; certain regulated mortgage loan originators; a federal agency or department; a collection agency whose debt collection business involves collecting on defaulted mortgage loans; agencies, instrumentalities, or political subdivisions of the state; supervised lenders that do not service residential mortgages; servicers that service fewer than 5,000 residential mortgage loans annually; nonprofit organizations; government agencies; originators or servicers using a subservicer that does not act under their direction; and persons servicing loans held for sale. The act stipulates that on or after January 31, 2022, a person may not act as a mortgage servicer without providing notice to the administrator and paying the required fees within 30 days after it begins servicing in the state, and on or before January 31 annually thereafter. The act also outlines provisions related to renewal requirements, record retention, and compliance with federal laws and regulations. Under specified administrator powers and duties, the administrator is allowed to bring an enforcement action against a mortgage servicer, seek restitution and civil money penalties, and request an injunction. While the act provides a four-year statute of limitations, an additional one-year extension may be granted if it is proven that a mortgage servicer engaged in calculated conduct to delay commencement of the action. The act, however, does not create a private right of action or “affect any remedy that a borrower may have pursuant to law other than this Article 21.”
On July 6, the Connecticut governor signed HB 6607, which is intended to incentivize businesses to adopt cybersecurity standards. Among other things, the act provides a complete defense to punitive damages for a cause of action founded in tort claiming a business’ failure to “implement reasonable cybersecurity controls resulted in a data breach concerning personal or restricted information.” The defense is available when an action is brought under Connecticut law or in Connecticut state court and where a business’ cybersecurity program conforms to an “industry recognized cybersecurity framework,” including the National Institute for Standards and Technology’s Framework for Improving Critical Infrastructure Cybersecurity and the Payment Card Industry Data Security Standard. A business can also take advantage of the defense if it is regulated by the state or federal government and is subject to, and conforms its cybersecurity program to, current versions of the following federal laws: (i) HIPAA; (ii) Title V of the Gramm-Leach-Bliley Act; (iii) the Federal Information Security Modernization Act; or (iv) the Health Information Technology for Economic and Clinical Health Act. Additionally, should one of the identified frameworks or provided laws be amended, a business has six months after publication to conform to the revisions. The act requires a business’ cybersecurity program to, among other things, protect both “restricted information” and “personal information,” and be based on a business’ size and complexity, the nature and scope of its conducted activities, the sensitivity of the protected information, and the cost and availability of tools to improve information security measures and reduce vulnerabilities. The defense will not apply if a business’ “failure to implement reasonable cybersecurity controls was the result of gross negligence or wilful or wanton conduct.” The act takes effect October 1.
On July 1, the Virginia governor signed SB 1410, which, among other things, amends the state’s anti-discrimination statutes to prohibit discrimination in public accommodations, employment, and housing based on military status. The bill amends the Virginia Fair Housing Law to prohibit discrimination in the sale or rental of dwellings by any person or entity, and prohibit discrimination by “any person or other entity, including any lending institution, whose business includes engaging in residential real estate-related transactions.” The bill also provides that “the term ‘residential real estate-related transaction’ means any of the following: [t]he making or purchasing of loans or providing other financial assistance (i) for purchasing, constructing, improving, repairing, or maintaining a dwelling or (ii) secured by residential real estate; or [t]he selling, brokering, insuring, or appraising of residential real property.” The bill is effective immediately.
On July 7, the Colorado governor signed SB 91, which, among other things, repeals a prior ban on surcharges for credit or debit card transactions. The bill limits the maximum surcharge amount per transaction to 2 percent of the payment amount or the actual fee. Merchants are required to display a specified notice regarding the surcharge on their premises or, for online purchases, before a customer’s completion of the transaction. The act becomes effective July 1, 2022.
On July 7, the Colorado governor signed SB 21-190 to create the Colorado Privacy Act (CPA) and establish a framework for personal data privacy rights. Colorado now joins Virginia and California as the third state in the nation to enact comprehensive consumer privacy laws. In 2018, California became the first state to put in place significant consumer data privacy measures under the California Consumer Privacy Act (covered by a Buckley Special Alert), and earlier this year in March, Virginia enacted the Consumer Data Protection Act (covered by InfoBytes here).
Highlights of the CPA include:
- Jeffrey P. Naimon to provide “Fair lending update” at the Colorado Mortgage Lenders Association Operational and Compliance Forum
- Kari K. Hall to discuss “Justice for all: Achieving racial equity through fair lending” at CBA Live
- Warren W. Traiger to discuss “On the horizon for CRA modernization” at CBA Live
- APPROVED Webcast: Strategy & Technology: A dynamic duo for successful regulatory exams
- Melissa Klimkiewicz to participate in Q&A on flood insurance at the NAFCU Virtual Regulatory Compliance School
- Daniel R. Alonso to discuss “Primer on cross-border prosecutions in Argentina, Brazil, Colombia, and Mexico for U.S. criminal lawyers” at a New York City Bar Association webinar
- Jonice Gray Tucker to discuss "Fair lending" at the Mortgage Bankers Association Regulatory Compliance Conference
- Michelle L. Rogers to discuss “State law regulatory and enforcement trends” at the Mortgage Bankers Association Regulatory Compliance Conference
- Jonice Gray Tucker to discuss “Government investigations, and compliance 2021 trends” at the Corporate Counsel Women of Color Career Strategies Conference
- Max Bonici to discuss “BSA/AML trends: What to expect with the implementation of the AML Act of 2020” at the American Bar Association Banking Law Fall Meeting
- H Joshua Kotin to discuss “Modifications and exiting forbearance” at the National Association of Federal Credit Unions Regulatory Compliance Seminar
- Jonice Gray Tucker to discuss “Fintech trends” at the BIHC Network Elevating Black Excellence Regional Summit
- Amanda R. Lawrence to discuss “Consumer financial services government enforcement actions – The CFPB and beyond,” at the Government Investigations & Civil Litigation Institute Annual Meeting
- Jonice Gray Tucker to discuss "Consumer financial services" at the Practising Law Institute Banking Law Institute