Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • Illinois updates Consumer Installment Loan Act and Payday Loan Reform Act

    State Issues

    On August 23, the Illinois governor signed SB 1758, which amends the state’s Consumer Installment Loan Act and the Payday Loan Reform Act. Generally, payday loans must be repayable in substantially equal and consecutive installments. The amendment clarifies that a “‘substantially equal installment’ includes a last regularly scheduled payment that may be less than, but not more than 5% larger than, the previous scheduled payment according to a disclosed payment schedule agreed to by the parties.” The amendments take effect immediately.

    State Issues State Legislation Installment Loans Payday Lending

  • New York restores Martin Act’s six-year statute of limitations

    State Issues

    On August 26, the New York governor signed S 6536, which returns the statute of limitations within which the state’s attorney general must bring financial fraud claims under the Martin Act to six years. As previously covered by InfoBytes, in 2018 the New York Court of Appeals issued a ruling that claims brought under the Martin Act are governed by a statute of limitations of three years, not six. According to the majority in that court decision, the three-year period applied because the Martin Act “expands upon, rather than codifies, the common law of fraud” and “imposes numerous obligations—or ‘liabilities’—that did not exist at common law,” which justified the imposition of a three-year statute of limitations. However, Governor Andrew Cuomo noted that “[b]y restoring the six-year statute of limitations under the Martin Act, we are enhancing one of the state’s most powerful tools to prosecute financial fraud so we can hold more bad actors accountable, protect investors and achieve a fairer New York for all.” Effective immediately, S 6536 will amend Section 213 of the state’s Civil Practice Law and Rules to include Martin Act cases among those that must be brought within six years.

    State Issues State Legislation Martin Act State Attorney General Fraud

  • Illinois pushing to increase accessibility to certified financial products

    State Issues

    On August 19, the Illinois governor signed SB 1332, which is designed to decrease low-income consumers’ reliance on alternative financial products and increase the accessibility to certified financial products (defined as a “financial product offered by a financial institution that meets minimum requirements as established by the Comptroller”). SB 1332 creates the Illinois Bank On Initiative Commission, chaired by the state Comptroller, which will provide an annual, publicly available report (starting October 2020) that will list: (i) authorized certified financial products and minimum requirements for qualification; (ii) financial institutions providing certified financial products; and (iii) outreach strategies for facilitating access to certified financial products. SB 1332 is effective immediately.

    State Issues State Legislation Consumer Finance

  • Illinois requires companies to report data breaches to attorney general

    State Issues

    On August 9, the Illinois governor signed SB 1624, which requires that a single data breach involving the personal information of more than 500 Illinois residents must be reported to the state attorney general. The notice must include: (i) a description of the nature of the breach of security or unauthorized acquisition or use; (ii) the number of Illinois residents affected by such incident at the time of notification; and (iii) any steps the data collector has taken or plans to take relating to the incident. Notification is required to be made “in the most expedient time possible and without unreasonable delay,” but no later than when the data collector informs consumers of the breach under current law. The bill is effective January 1, 2020.

    State Issues State Legislation Privacy/Cyber Risk & Data Security Data Breach State Attorney General

  • New York increases homeowner safeguards, closes loopholes to prevent deed fraud and mortgage scams

    State Issues

    On August 14, the New York governor signed a package of bills intended to increase consumer homeowner protections. According to a press release issued by the governor, the three measures enact homeowner safeguards and close loopholes to prevent deed fraud and mortgage scams.

    • A 92 imposes obligations on banks or financial institutions that sell or transfer a mortgage after a borrower has applied for a loan modification. Specifically, the law requires the original holder of the loan to provide the borrower with a list of all modification application documents provided to the buyer or transferee of the mortgage. The measure also requires the new mortgage servicer to honor the terms and conditions of a loan modification that was approved by the original servicer. The act takes effect in 90 days.
    • A 1800 requires servicers of vacant or abandoned residential properties to continue to pay homeowners’ association fees or cooperative fees on properties in the state to ensure they do not become dilapidated before a foreclosure is finalized. The act takes effect immediately.
    • A 5615 amends state law related to distressed home loans to extend consumer protections for homes in default and foreclosure by, among other things, (i) providing homeowners additional time to cancel a covered contract with a purchaser; (ii) preventing distressed property consultants from inducing the consumer to transfer the deed to the consultant or anyone else; and (iii) allowing consumers to void contracts, deeds, or other agreements material to the consumer’s property where an individual was convicted of or pled guilty to making false statements in connection with that agreement. The act takes effect immediately.

    State Issues State Legislation Mortgages Foreclosure

  • NYDFS proposes student loan servicers regulation

    On July 31, NYDFS published a notice of proposed rulemaking in the New York State Register. The proposed rule would implement legislation related to the supervision, regulation, and licensing of private student loan servicers passed in March as part of the state’s FY 2020 budget. As previously covered by InfoBytes, unless exempt from certain provisions, student loan servicers must comply with the requirements set forth in the amendments to the banking law and be licensed by NYDFS in order to service student loans owned by residents of New York. Entities exempt from the licensing requirements include servicers of federal student loans, banking organizations, foreign banking organizations, national banks, federal savings associations, federal credit unions, or any bank or credit union organized under the laws of any other state.

    Among other things, the proposed regulation outlines servicing standards, examination guidelines, cybersecurity compliance requirements, and definitions for the terms “unfair” and “abusive.” A list of prohibited practices is also provided, which includes: (i) employing schemes to defraud or mislead borrowers; (ii) engaging in unfair, deceptive, abusive, or predatory acts or practices; (iii) “misapplying payments to the outstanding balance of any student loan or to any related interest or fees”; (iv) making false statements or omissions connected to information provided to a government agency; (v) failing to promptly respond to communications received from NYDFS; and (vi) failing to provide responses to consumer complaints.

    Generally, the requirements will take effect October 9, with the exception of a phased-in transition period for certain cybersecurity provisions related to 23 NYCRR Part 500 that gives student loan servicers until April 9, 2020 to comply. Comments on the proposed regulation are due September 30.

    Licensing State Issues State Legislation Student Loan Servicer NYDFS Student Lending

  • New Jersey establishes Office of the Student Loan Ombudsman, provides student loan servicer regulations

    State Issues

    On July 30, the New Jersey governor signed S1149 to, among other things, establish the Office of the Student Loan Ombudsman within the Department of Banking and Insurance and provide licensing requirements for student loan servicers. Notably, federal or state chartered banks, savings banks, savings and loan associations, and credit unions, as well as their wholly owned subsidiaries, are exempt from the bill’s licensure requirements

    The appointed ombudsman’s responsibilities will include (i) reviewing, analyzing, and resolving borrower complaints; (ii) providing information to the public, agencies, legislators, and others regarding borrower concerns; (iii) reviewing complete student loan histories for borrowers who have provided written consent; (iv) establishing and maintaining a student loan borrower education course, including providing information on “monthly payment obligations, income-based repayment options, loan forgiveness, and disclosure requirements”; and (v) providing a report 12 months following the date of appointment to the Commissioner of Banking and Insurance (Commissioner) conveying any additional steps that may be necessary to address the licensing and enforcement of student loan servicers.

    Additionally, the bill establishes licensing provisions for student loan servicers, and requires all servicers and certain other exempt entities to maintain student loan records for at least two years after the final payment or assignment of the loan, whichever comes first.

    The bill also gives the Commissioner authority to conduct investigations and examinations of licensed servicers, as well as impose fines of not more than $10,000 for the first violation, and $20,000 for the second and for offenses thereafter. Student loan servicers must also comply with applicable federal laws, including the Truth in Lending Act. The bill notes that “any violation of any federal law or regulation shall be deemed a violation of this section and a basis upon which the [C]ommissioner may take enforcement action.”

    The bill will take effect November 27.

    State Issues State Legislation Student Lending Licensing Student Loan Servicer

  • North Carolina enacts state SCRA, expands protections

    State Issues

    On July 25, the North Carolina governor signed SB 420, the “NC Servicemembers Civil Relief Act” (NCSCRA), which, among other things, incorporates into state law the rights, benefits and protections of the federal Servicemembers Civil Relief Act (SCRA) and extends those provisions to members of the North Carolina National Guard serving on state active duty and to members of the National Guard of other states serving on state active duty who reside in North Carolina. In addition to the rights afforded to servicemembers in the SCRA, the NCSCRA (i) expands certain protections for dependents of servicemembers, including protections against default judgments and an interest rate cap of six percent; (ii) authorizes the termination of certain service contracts, allowing servicemembers and their dependents to terminate telephone, internet, cable TV, satellite radio, and prepaid entertainments contracts upon relocation orders for 90 days or more to a location that does not support such services; and (iii) allows for the extension of residential lease agreements until 10 days after a member of the North Carolina National Guard or a member of another state’s National Guard who is residing in North Carolina’s active duty terminates. The NCSCRA provides for action by the attorney general for any violation, with a civil penalty up to $5,000 per violation and also allows for a private right of action by an aggrieved servicemember.

    State Issues Military Lending State Legislation SCRA

  • New York expands data breach notification laws

    Privacy, Cyber Risk & Data Security

    On July 25, the New York governor signed two bills designed to strengthen protections for consumers in the event their private information is compromised in a data breach.

    A 5635B, the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) updates the state’s privacy law by expanding the definition of personal information and broadening the definition of a data breach. Notably, the SHIELD Act applies to any person or entity with access to a New York resident’s private information, regardless of whether or not the company conducts business in the state. Among other provisions, the SHIELD Act:

    • Requires all covered entities to adopt and implement “reasonable” administrative, technical, and physical safeguards to protect and dispose of sensitive data, as well as implement “reasonable” administrative safeguards, such as employee training;
    • Stipulates that a covered entity that is already regulated by, and in compliance with, certain existing applicable state or federal data security requirements (e.g., Gramm-Leach-Bliley Act, HIPAA, and 23 NYCRR Part 500—NYDFS’ Cybersecurity Regulation) is considered a “compliant regulated entity”;
    • Requires entities to promptly notify impacted individuals under new, broadened data breach notification requirements, which now include (i) “access to” private information as a trigger for notification, in addition to the existing “acquired” trigger; and (ii) expanded data types, including biometric data, email addresses, and corresponding passwords or security questions and answers;
    • Applies a more flexible standard for small businesses to ease regulatory burdens (qualifying small businesses must have fewer than 50 employees, under $3 million in gross annual revenue, or less than $5 million in assets) and will consider a small business compliant if its “security program contains reasonable administrative, technical and physical safeguards that are appropriate for the size and complexity of the small business” to protect the security, confidentiality, and integrity of private information; and
    • Broadens the New York attorney general’s oversight regarding data breaches impacting state residents. The SHIELD Act further stipulates that actions may not be brought under the law’s provisions unless the action is commenced within three years following either the date on which the attorney general received notice of the violation, or the date the notice was sent to affected individuals, whichever occurs first. However, “[i]n no event shall an action be brought after six years from the date of discovery of the breach of private information by the company unless the company took steps to hide the breach.”

    The SHIELD Act takes effect March 21, 2020.

    A 2374, which was signed into the law the same day, prohibits consumer credit reporting agencies from charging fees to consumers if the agency’s system was involved in a data breach including social security numbers. Credit reporting agencies are required to provide “reasonable identity theft prevention services and, if applicable, identity theft mitigation services for a period not to exceed five years at no cost to such consumers.” The law applies to any breach of security of a consumer credit reporting agency that occurred in the last three years. This measure takes effect September 23.

    Privacy/Cyber Risk & Data Security State Issues State Legislation Data Breach State Attorney General

  • Rhode Island says service contracts are not insurance

    State Issues

    On July 15, the Rhode Island governor signed H 5674, which clarifies that service contracts, vehicle theft protection product warranties, and vehicle maintenance agreements are not considered insurance and are therefore exempt from the state’s insurance code. The bill also amends definitions under the law’s chapter relating to service contracts. The amendments take effect January 1, 2020.

    State Issues State Legislation Service Contracts Insurance

Pages

Upcoming Events