Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • Online payments system company settles FTC privacy, security, and money transfer allegations

    Privacy, Cyber Risk & Data Security

    On February 23, the FTC announced a proposed settlement with a global online payments system company (company) to resolve a complaint filed in 2016 concerning allegations that its payment and social networking service (service) violated the FTC Act when it, among other things, failed to adequately disclose to consumers that transfers to external bank accounts were subject to review and that funds could be frozen or removed based on a review of the underlying transaction. According to FTC allegations, many consumers who relied on notifications from the service that funds were available for transfer found themselves unable to pay rent or other bills. In some instances, the service reversed transactions after initially notifying consumers the funds were available. Additionally, the service allegedly violated the Gramm-Leach-Bliley Act’s Privacy and Safeguard Rules (GLBA Rules) by misleading consumers about protections for their accounts when it claimed to use “bank-grade security systems” and failed to have a written security program or implement basic security safeguards. As a result, the FTC claims unauthorized users were able to, in certain cases, withdraw funds from consumer accounts or change passwords and/or associated email addresses without consumers being notified.

    Under the proposed settlement, the company—which did not admit or deny liability and is not required to pay a fine—has agreed that it will not misrepresent any material restrictions on the use of its service, the extent of control provided by any privacy settings, and the extent to which it “implements or adheres to a particular level of security.” The company will also, among other things, make certain disclosures to consumers about its transaction and privacy practices, obtain biennial third-party assessments of its compliance with these rules for 10 years, and refrain from violating any provisions of the GLBA Rules.

    Privacy/Cyber Risk & Data Security FTC Peer-to-Peer Settlement Gramm-Leach-Bliley FTC Act

    Share page with AddThis
  • Democratic Senators Commission GAO to Study Fintech Industry

    Fintech

    On April 18, Senators Sherrod Brown (D-OH), Jeffrey Merkley (D-OR), and Jeanne Shaheen (D-NH) sent a letter to the Government Accountability Office (GAO) requesting that it complete a study on the fintech industry. Under the Dodd-Frank Act, the GAO is required to examine the regulatory structure of person-to-person (P2P) lending. While the letter recognizes that the GAO issued a report on P2P lending in 2011, the senators urged the GAO to recognize that the lending platforms of financial technology firms (often called fintech) “has changed dramatically and evolved beyond consumer lending,” and that “P2P lending, now generally called marketplace lending, is not the only form of fintech that has developed over the last several years.” The letter further cautions that, “gaps in understanding and regulation of emerging financial products may result in predatory lending, consumer abuse, or systemic issues.” Finally, Senators Brown, Merkley, and Shaheen urged the GAO to provide responses to questions relating to, among other things, (i) the size and structure of the loan portfolios maintained by privately owned fintech lenders; (ii) how fintech lenders’ relationships with financial institutions impact both the financial system at large and regulatory framework; (ii) whether the risks that may arise from the investor base shifting from individual investor to institutional investor have grown since this issue was first noted in the GAO’s 2011 report; and (iii) the anti-money laundering, data security, and privacy requirements fintech companies are subject to.

    Anti-Money Laundering U.S. Senate Online Lending GAO Fintech Privacy/Cyber Risk & Data Security Marketplace Lending Peer-to-Peer Predatory Lending

    Share page with AddThis