Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
District Court enters consent order against individual defendant in 2016 CFPB structured settlement action
On May 18, the U.S. District Court for the District of Maryland approved a consent order against defendants in an action concerning allegedly unfair, abusive, and deceptive structured settlement practices. As previously covered by InfoBytes, in 2016 the Bureau initiated an enforcement action against the defendants alleging that they violated the CFPA by employing abusive practices when purchasing structured settlements from consumers in exchange for lump-sum payments. According to the Bureau, the defendants encouraged consumers to take advances on their structured settlements and falsely represented that the consumers were obligated to complete the structured settlement sale, “even if they [later] realized it was not in their best interest.” In July 2021, the court denied the defendants’ motions to dismiss the Bureau’s amended complaint, which argued that the enforcement action was barred by the U.S. Supreme Court’s decision in Seila Law LLC v. CFPB, which held that the director’s for-cause removal provision was unconstitutional (covered by a Buckley Special Alert). The defendants had also argued that that the ratification of the enforcement action “came too late” because the statute of limitations on the CFPA claims had already expired (covered by InfoBytes here). Under the terms of the May 18 consent order, the individual defendant, who “had an ownership interest in [the company] and served in executive positions at [the defendants] from their inception to their dissolution" is prohibited from, among other things, participating or assisting others in participating in transfer of payment streams from structured-settlement holders and referring consumers to a specific individual or for-profit entity for advice concerning any structured-settlement transaction, including for independent professional advice. The individual defendant must also pay a $5,000 civil money penalty.
On May 25, the DOJ filed a complaint on behalf of the FTC against a global social media company for allegedly misusing users’ phone numbers and email addresses uploaded for security purposes to target users with ads. (See also FTC press release here.) According to the complaint, the defendant deceived users about the extent to which it maintained and protected the security and privacy of users’ nonpublic contact information. Specifically, from May 2013 to September 2019, the defendant asked users to provide either a phone number or an email address to improve account security. The defendant, however, allegedly failed to inform the more than 140 million users who provided phone numbers or email addresses that their information would also be used for targeted advertising. The FTC claimed the defendant used the collected information to allow advertisers to target specific ads to specific users by matching the phone numbers or email addresses with data they already had or obtained from data brokers. DOJ’s complaint alleged that the defendant’s conduct violated the FTC Act and the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield agreements, which require participating countries to adhere to certain privacy principles in order to legally transfer data from EU countries and Switzerland. This conduct also allegedly violated a 2011 FTC consent order with the defendant stemming from claims that the defendant deceived users and put their privacy at risk by failing to safeguard their personal information. According to DOJ’s complaint, the 2011 order “specifically prohibits the company from making misrepresentations regarding the security of nonpublic consumer information.”
Under the terms of the proposed order, the defendant would be required to pay a $150 million civil penalty and implement robust compliance measures to improve its data privacy practices. According to the FTC and DOJ announcements, these measures would (i) “allow users to use other multi-factor authentication methods such as mobile authentication apps or security keys that do not require users to provide their telephone numbers”; (ii) require the defendant to “notify users that it misused phone numbers and email addresses collected for account security to also target ads to them and provide information about [its] privacy and security controls”; (iii) require the defendant to implement and maintain a comprehensive privacy and information security program, including conducting “a privacy review with a written report prior to implementing any new product or service that collects users’ private information,” regularly testing its data privacy safeguards, and obtaining regular independent assessments of its data privacy program; (iv) limit employee access to users’ personal data; and (v) require the defendant to notify the FTC should it experience a data breach, and provide reports after any data privacy incident affecting 250 or more users. Additionally, the defendant would be banned from profiting from deceptively collected data.
On May 17, the FDIC approved a final rule implementing its authority to prohibit any person or organization from making misrepresentations about FDIC deposit insurance or misusing the FDIC’s name or logo. According to the FDIC, the final rule responds to the “increasing number of instances where individuals or entities have misused the FDIC’s name or logo, or have made false or misleading representations about deposit insurance.” To promote transparency on the FDIC’s processes for investigating and enforcing potential breaches of prohibitions under Section 18(a)(4) of the Federal Deposit Insurance Act, the final rule clarifies the agency’s procedures for identifying, investigating, and where necessary, taking formal and informal action to address potential violations, and establishes a primary point-of-contact for receiving complaints and inquiries about potential misrepresentations regarding deposit insurance. The final rule takes effect 30 days after publication in the Federal Register.
In response, the CFPB released Consumer Financial Protection Circular 2022-02 to provide that covered firms are likely in violation of the CFPA’s prohibition on deceptive acts or practices “if they misuse the name or logo of the FDIC or engage in false advertising or make material misrepresentations to the public about deposit insurance, regardless of whether such conduct (including the misrepresentation of insured status) is engaged in knowingly.” As previously covered by InfoBytes, the newly introduced circulars serve as policy statements for other agencies with consumer financial protection responsibilities. Specifically, the Bureau warned that (i) “[m]isrepresenting the FDIC logo or name will typically be a material misrepresentation”; (ii) claiming “financial products or services are ‘regulated’ by the FDIC or ‘insured’ or ‘eligible for’ FDIC insurance are likely deceptive if those claims expressly or implicitly indicate that the product or service is FDIC-insured when that is not in fact the case” (e.g. emerging financial products and services including digital assets and crypto-assets); and (iii) misusing the FDIC’s name or logo creates harm for firms that engage in honest advertising and marketing. CFPB Director Rohit Chopra, as an FDIC board member, announced the Bureau’s support for the final rule. “Misrepresentation claims about deposit insurance are particularly relevant today,” Chopra noted. “FDIC staff has noted an uptick in potential violations in recent years. We are especially concerned about potential misconduct involving novel technologies, including so-called stablecoins and other crypto-assets. While new technologies may yield significant benefits for households, workers, and small businesses, they nonetheless pose risks to consumers who may be baited by misrepresentations or false advertisements about deposit insurance.”
Acting Comptroller of the Currency Michael J. Hsu specifically called out the timeliness of the final rule in light of changes in the marketplace, technological developments, and rapidly evolving consumer behaviors. The final rule “is especially important in light of the growth of nonbank crypto firms and fintechs and their relationships with banks,” Hsu stated. “The potential for consumer confusion about the status of cash held at these firms is high and this final rule will help provide clarity.”
On May 6, the FTC announced that the U.S. District Court for the Middle District of Florida granted a temporary restraining order against a credit repair operation for allegedly engaging in deceptive practices. According to the FTC’s complaint, the operation violated the FTC Act, the CROA, and the TSR by, among other things; (i) making misrepresentations regarding credit repair services; (ii) making misrepresentations regarding a money-making opportunity associated with a government benefit related to Covid-19; (iii) making untrue or misleading representations to consumers, which included increasing their credit score; (vi) charging for the performance of credit repair services that the defendants agreed to perform prior to such services being fully performed; (v) making untrue or misleading statements with respect to their sales pitch on credit worthiness, credit standing, or credit capacity to consumer reporting agencies, creditors, and potential creditors; and (vi) charging illegal advance fees. Beyond the temporary restraining order, the FTC is seeking a permanent injunction, the appointment of a receiver, immediate access to business premises, an asset freeze, and other equitable relief.
On May 4, the Connecticut Banking Commissioner issued a temporary cease and desist order against an unlicensed California-based marketplace lender after determining it had reason to believe the respondent allegedly violated several provision of the Connecticut General Statutes, as well as Section 1036 of the CFPA. The respondent operates a mobile application to help consumers take out small-dollar loans and solicits lenders via its website through advertisements claiming it “takes the work out of lending by vetting and organizing a marketplace of loan requests” where “[b]orrowers set their own terms and provide appreciation tips to lenders who agree to fund a loan, allowing for mutually beneficial financial outcomes.” Consumers initiate loans on the respondent’s platform for a certain amount, which includes optional monetary tips for both the lender and the respondent of up to 12 and 9 percent of the loan amount respectively. The Commissioner’s investigation noted that while the respondent touted the tips as being optional and not required for submitting a loan request or receiving funding, 100 percent of the loans originated to Connecticut consumers from June 2018 to August 2021 included a tip. When the tips were factored into the finance charge, the APRs of the Connecticut consumers’ loans ranged from 43 percent to over 4,280 percent. During the identified time period, loan disclosures identified the amount of the tips for each loan; however, starting in April 2021, the revised disclosures and promissory notes removed any itemization of the tips, and promissory notes allegedly “failed to indicate any obligation of the borrower to pay tips on their loans.” According to the Commissioner, the corresponding disclosures “stated that only one payment, for the principal loan amount, was due at the end of the loan,” however on the loan’s due date, the total loan amount including tips was withdrawn from the consumer’s account. Additionally, disclosures allegedly informed consumers that the APR on the loans was zero percent even though all the loans carried much higher APRs.
The Commissioner further concluded that the respondent prohibited direct communication between consumers and lenders and charged several fees on delinquent loans, including late fees and recovery fees for its collection efforts. Moreover, at least one of the contracted collection agencies was not licensed in the state, nor was the respondent licensed as a small loan company in Connecticut, and nor did it qualify for a licensure exemption.
In issuing its order to cease and desist, order to make restitution, and notice of intent to impose a civil penalty and other equitable relief, the Commissioner stated that the respondent’s “offering, soliciting, brokering, directly or indirectly arranging, placing or finding a small loan for a prospective Connecticut borrower, without the required license” constitutes at least 1,600 violations of the Connecticut General Statutes. The Commissioner cited additional violations, which included engaging in unlicensed activities such as lead generation and debt collection, and cited the respondent for providing false and misleading information related to the terms and costs of the loan transactions in violation of both state law and the CFPA’s prohibition against deceptive acts or practices. In addition to ordering the respondent to immediately cease and desist from engaging in the alleged violations, the Commissioner ordered the respondent to repay any amounts received from Connecticut consumers in connection with their loan, plus interest.
On May 10, the DOJ announced that two national retailers agreed to pay a $2.5 million and a $3 million civil penalty (see here and here) to resolve allegations that they engaged in false labeling and marketing tactics by presenting rayon textile products as bamboo. As previously covered by InfoBytes, the DOJ on behalf of the FTC, filed complaints (see here and here) against the defendants, which alleged that since at least 2015, the companies made false or unsubstantiated representations in violation of the FTC Act by improperly labeling and marketing textile fiber products as “made of bamboo” in both product titles and descriptions. In addition to paying the civil money penalties, the defendants are prohibited from making deceptive claims, including false and/or unsubstantiated claims, relating to bamboo fiber products, and are prohibited from engaging in future violations of the FTC Act, Textile Act and Textile Rules.
On May 4, the CFPB announced a consent order against a national bank for allegedly engaging in unfair and deceptive acts or practices in violation of the CFPA by processing out-of-state garnishment orders against its customers’ bank accounts. According to the consent order, since August 2011, the respondent allegedly garnished approximately 3,700 out-of-state accounts. Customers whose accounts were garnished paid at least $592,000 in garnishment fees, the CFPB contended. The respondent allegedly, among other things, misrepresented to customers that their rights to have certain funds exempted from garnishment were governed by the law of the issuing court’s state when, actually, in most states, customers’ own state laws applied. The respondent also allegedly unfairly required customers to “direct” it not to contest garnishment orders and to waive the bank’s liability for its actions regarding the out-of-state garnishment orders, which prevented customers from pursuing legal claims against the respondent for improperly handling garnishment notices. Additionally, the respondent allegedly deceptively represented to customers that since they signed a deposit agreement that included broad language directing respondent not to contest the legal process, customers waived their right to hold the respondent liable for improperly responding to garnishment notices. Under the terms of the consent order, the respondent must, among other things: (i) refund $592,000 in garnishment-related fees to harmed customers; (ii) establish a compliance plan designed to ensure that its garnishment-related conduct pertaining to out-of-state garnishment notices and state exemptions complies with all applicable federal consumer financial laws; (iii) cease communicating to customers that they have purportedly waived any rights regarding garnishment notices as a result of entering into respondent’s deposit agreement; and (iv) pay a $10 million civil penalty to the Bureau.
On April 22, the DOJ filed a complaint on behalf of the FTC against certain defendants providing funeral goods and services to consumers throughout the U.S. for alleged violations of Section 5 of the FTC Act and the FTC’s Funeral Rule. (See also FTC press release here.) According to the complaint, the defendants, who arrange third-party cremation services, allegedly (i) misrepresented that they perform local funeral services, which were instead outsourced to unaffiliated third parties; (ii) charged consumers additional undisclosed costs; and (iii) illegally threatened to withhold remains or information about the remains from consumers who refused to pay previously undisclosed fees or the new, higher prices. The complaint seeks injunctive relief, monetary relief, and civil penalties.
On April 19, the FTC filed a complaint against a day-trading investment company and its CEO alleging the defendants violated the FTC Act and the Telemarketing Sales Rule (TSR) in connection with the company’s investment opportunities. According to the complaint, the Massachusetts-based defendants promote day-trading investments online and sell programs promising to show consumers how to earn substantial profits in a short time period. The FTC contends that the defendants promote these so-called “profitable” and “scalable” trading strategies to consumers through allegedly deceptive sales pitches and inform consumers that their strategies are effective even with initial investments as small as $500. However, the FTC claims that 74 percent of customers’ accounts actually lost money and that only 10 percent of the accounts earned more than $90.
Under the terms of the proposed stipulated order, the defendants are required to pay $3 million in consumer redress and are permanently restrained and enjoined from making unsubstantiated earnings claims concerning consumers’ potential to earn money using their trading strategies regardless of the amount of capital invested or the amount of time spent trading. Defendants are also prohibited from violating federal law, or from making any misrepresentations about investment opportunities, including misrepresentations in connection with telemarketing regarding the amount of “risk, liquidity, earnings potential, or profitability of goods or services that are the subject of a sales offer.”
On April 14, the FTC filed a complaint against a Caribbean for-profit medical school and its Illinois-based operators alleging the defendants violated the Telemarketing Sales Rule, Holder Rule, and Credit Practices Rule (CPR) in connection with its marketing and credit practices. According to the complaint, the defendants improperly marketed the school’s medical license exam pass rate and residency match success. In addition, financing contracts omitted a legally-mandated Holder Rule notice in their credit agreements, among other things. Under the Holder Rule, “any seller that receives the proceeds of a purchase money loan [must] include, in the underlying credit contract, a specific notice informing the consumer of their right to assert claims against any holder of the credit contract.” In addition to omitting the required notice, the defendants also allegedly attempted to waive consumers’ legal rights by inserting language in the credit agreements stating, “ALL PARTIES, INCL[U]DING BOTH STUDENT BORROWER AND COSIGNER. . .WAIVE ANY CLAIM OR CAUSE OF ACTION OF ANY KIND WHATSOEVER THAT THEY MAY HAVE WITH RESPECT TO [DEFENDANT]…” The FTC also contended that the defendants included a notice informing cosigners of their liability in the middle of the contract, instead of providing a separate document containing specific language required by the CPR.
Under the terms of the proposed stipulated order, the defendants are required to pay a $1.2 million judgment that will go towards refunds and debt cancellation for affected consumers, and also cease collection of approximately $357,000 in consumer debt covered by the proposed order. Defendants are also required to notify each consumer that their debt is being cancelled and that consumer reporting agencies will be directed to delete the debt from the consumers’ credit reports. Additionally, defendants are prohibited from misrepresenting their pass rates and residency matches, and from making unsubstantiated claims or violating federal law. The order also provides Holder Rule protections, including prohibiting defendants from selling, transferring, or assigning any consumer credit contracts unless the recipient of such contract agrees, in writing, “that its rights are subject to the borrowers’ claims and defenses against [d]efendants” and requiring defendants to notify each borrower whose credit contract is sold.
- Buckley Webcast: Fifth Circuit muddles CFPB’s plans to use in-house judges in enforcement proceedings
- Steven vonBerg to discuss “Regulatory plenary” at the Information Management Network’s Non-QM Forum
- Jeffrey P. Naimon to discuss “Understanding the ESG impact on compliance” at the ABA’s Regulatory Compliance Conference