Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • Kraninger hints at new consent order policy

    Federal Issues

    On November 22, in a speech at The Clearing House + Bank Policy Institute Annual Conference, CFPB Director Kathy Kraninger noted that the Bureau is considering changes to its consent order process to “ensur[e] consent orders remain in effect only as long as needed to achieve their desired effects.” Specifically, Kraninger discussed that while most consent orders are effective for five-year periods and companies can request early termination or termination of indefinite orders, the Bureau has only terminated “a few” consent orders in the past. Similar to the Bureau’s recent changes to its Civil Investigative Demand (CID) policy (covered by InfoBytes here), Kraninger stated that the Bureau intends to announce an updated consent order policy “soon,” in order to “provide clarity and consistency.”

    Federal Issues CFPB Enforcement Consent Order CIDs

    Share page with AddThis
  • FTC settles with Belizean bank over real estate scheme

    Federal Issues

    On September 24, the FTC announced a proposed $23 million settlement with a Belizean bank resolving allegations that it assisted various entities in deceiving U.S. consumers into purchasing parcels of land in a luxury development in Belize. As previously covered by InfoBytes, in November 2018, the FTC filed charges and obtained a temporary restraining order against the operators of an international real estate investment scheme, which allegedly violated the FTC Act and the Telemarketing Sales Rule by advertising and selling parcels of land through the use of deceptive tactics and claims. The FTC asserted that consumers who purchased lots in the development purchased them outright or made large down payments and sizeable monthly payments, including HOA fees, and that defendants used the money received from these payments to fund their “high-end lifestyles,” rather than invest in the development. The FTC argued that “consumers either have lost, or will lose, some or all of their investments.” At the time, the FTC filed separate charges against the Belizean bank for allegedly assisting and facilitating the scam.

    According to the FTC, the bank has now agreed to the proposed consent order to settle the allegations. The consent order requires the bank to pay $23 million, which will be used to provide equitable relief, including consumer redress, and to cease all non-liquidation business activities permanently. Additionally, the consent order prohibits the liquidator or anyone else from seeking to re-license and operate the bank’s business. The consent order must be approved by the U.S. District Court for the District of Maryland.

    Federal Issues FTC FTC Act Courts Telemarketing Sales Rule Settlement Consent Order

    Share page with AddThis
  • FTC approves settlement with software provider over FTC Act and GLBA data security failures

    Federal Issues

    On September 6, the FTC voted 5-0 to approve a final settlement under which a software provider agreed to better protect the data it collects, resolving allegations that the company failed to implement reasonable data security measures and exposed personal consumer information obtained from its auto dealer clients in violation of the FTC Act and the Standards for Safeguarding Customer Information Rule, issued pursuant to the Gramm-Leach-Bliley Act.

    As previously covered by InfoBytes, in its complaint, the FTC alleged the company’s failure to, among other things, (i) implement an organization information security policy; (ii) implement reasonable guidance or training for employees; (iii) use readily available security measures to monitor systems; and (iv) impose reasonable data access controls, which resulted in a hacker gaining unauthorized access to the company’s database containing the personal information of approximately 12.5 million consumers. The approved settlement requires the company to, among other things, implement and maintain a comprehensive information security program designed to protect the personal information it collects, including implementing specific safeguards related to the FTC’s allegations. Additionally, the settlement requires the company to obtain third-party assessments of its information security program every two years and have a senior manager certify compliance with the order every year.

    Federal Issues FTC Privacy/Cyber Risk & Data Security FTC Act Enforcement Settlement Consent Order Gramm-Leach-Bliley

    Share page with AddThis
  • Japanese bank pays $33 million to settle NYDFS claims of weak BSA/AML controls

    State Issues

    On June 24, the New York Department of Financial Services (NYDFS), together with the New York Attorney General, announced a $33 million settlement with a Japanese bank resolving allegations the bank’s internal controls—specifically, its anti-money laundering (AML), Bank Secrecy Act (BSA), and Office of Foreign Assets Control (OFAC) sanctions compliance programs—at its New York Branch were “systematically deficient” between November 2014 and November 2018. This allegedly resulted in violations of state and federal laws and regulations, as well as two previous NYDFS consent orders from 2013 and 2014. The settlement resolves an action that was commenced by the bank against NYDFS in connection with a 2017 application with the OCC to convert its state-licensed branches in New York, Illinois, and California and its state-licensed agency offices in Texas to federally licensed branches and agency offices. The action sought to block a NYDFS order that would keep the bank under its supervisory purview notwithstanding the OCC’s granting of the federal charter. The settlement indicates that neither NYDFS, NYAG, or the bank admit any wrongdoing, but have agreed to dismiss all outstanding claims, upon the bank’s monetary payment. The settlement states that NYDFS releases the bank of any further obligations related to the previous consent orders and notes that it “will not attempt to exercise any visitorial power or other supervisory, regulatory, or enforcement authority over [the bank] or its branches or agencies.”

    State Issues NYDFS State Attorney General Bank Secrecy Act Anti-Money Laundering Financial Crimes Consent Order Supervision OCC

    Share page with AddThis
  • SEC separately settles ADR allegations against international bank subsidiary and securities company

    Securities

    On June 14, the SEC announced a $42 million settlement with a wholly-owned subsidiary of an international bank to resolve allegations that certain associated persons on its securities lending desk allegedly improperly pre-released American Depositary Receipts (ADRs), or “U.S. securities that represent shares in foreign companies.”  The SEC announcement explains that “[t]he practice of ‘pre-release’ allows ADRs to be issued without the deposit of foreign shares, provided brokers receiving them have an agreement with a depositary bank and the broker or its customer owns the number of foreign shares that corresponds to the number of shares the ADRs represent.” According to the SEC, the subsidiary “improperly obtained pre-released ADRs from depositary banks when [the subsidiary] should have known that neither the firm nor its customers owned the foreign shares needed to support those ADRs.” The SEC asserts that this resulted in an inflated total number of foreign issuer’s tradeable securities and short selling and dividend arbitrage. The SEC alleged that these practices violated the Securities Act of 1933 and claimed that the subsidiary failed to reasonably supervise its securities personnel. The consent order requires the subsidiary to pay more than $24 million in disgorgement, roughly $4.4 in prejudgment interest, and a civil money penalty of approximately $14.3 million. The order acknowledges the subsidiary’s cooperation in the investigation.

    On the same day, the SEC announced an $8.1 million consent order with a securities company to resolve allegations that the company allegedly improperly pre-released American Depositary Receipts (ADRs). According to the SEC, the company, in violation of the Securities Act of 1933, “improperly obtained pre-released ADRs from depositary banks when [the company] should have known that neither the firm nor its customers owned the foreign shares needed to support those ADRs.” The SEC announcement asserts that the lack of shares to support the ADRs resulted in an inflated total number of foreign issuer’s tradeable securities and short selling and dividend arbitrage. Additionally, the SEC alleges the company failed to establish and implement effective policies and procedures to address whether the company was in compliance with its obligations in connection with pre-release transactions. The consent order requires the company to pay more than $4.8 million in disgorgement, approximately $800,000 in prejudgment interest, and a civil money penalty of more than $2.4 million. The order acknowledges the company’s cooperation in the investigation.

     

    Securities SEC American Depositary Receipts Enforcement Consent Order

    Share page with AddThis
  • SEC settles American Depositary Receipts allegations against international bank subsidiary

    Securities

    On June 14, the SEC announced a $42 million settlement with a wholly-owned subsidiary of an international bank to resolve allegations that certain associated persons on its securities lending desk allegedly improperly pre-released American Depositary Receipts (ADRs), or “U.S. securities that represent shares in foreign companies.” According to the SEC, the subsidiary “improperly obtained pre-released ADRs from depositary banks when [the subsidiary] should have known that neither the firm nor its customers owned the foreign shares needed to support those ADRs.” The SEC asserts that this resulted in an inflated total number of foreign issuer’s tradeable securities and short selling and dividend arbitrage. The SEC alleged that these practices violated the Securities Act of 1933 and claimed that the subsidiary failed to reasonably supervise its securities personnel. The consent order requires the subsidiary to pay more than $24 million in disgorgement, roughly $4.4 in prejudgment interest, and a civil money penalty of approximately $14.3 million. The order acknowledges the subsidiary’s cooperation in the investigation.

     

    Securities American Depositary Receipts Settlement Consent Order

    Share page with AddThis
  • FTC settles with software provider over data security failures

    Federal Issues

    On June 12, the FTC announced a settlement under which a software provider agreed to better protect the data it collects, resolving allegations that the company failed to implement reasonable data security measures and exposed personal consumer information obtained from its auto dealer clients in violation of the FTC Act and the Standards for Safeguarding Customer Information Rule, issued pursuant to the Gramm-Leach-Bliley Act.

    In its complaint, the FTC alleged the company’s failure to, among other things, (i) implement an organization information security policy; (ii) implement reasonable guidance or training for employees; (iii) use readily available security measures to monitor systems; and (iv) impose reasonable data access controls, resulted in a hacker gaining unauthorized access to the company’s database containing the personal information of approximately 12.5 million consumers. The proposed consent order requires the company to, among other things, implement and maintain a comprehensive information security program designed to protect the personal information it collects, including implementing specific safeguards related to the FTC’s allegations. Additionally, the proposed consent order requires the company to obtain third-party assessments of its information security program every two years and have a senior manager certify compliance with the order every year. 

    Federal Issues FTC Privacy/Cyber Risk & Data Security FTC Act Enforcement Settlement Consent Order

    Share page with AddThis
  • CFPB fines student loan servicer $3.9 million for unfair practices

    Federal Issues

    On May 1, the CFPB announced a $3.9 million settlement with a student loan servicing company. The settlement resolves allegations that the company engaged in unfair practices by failing to make adjustments to loans made under the Federal Family Education Loan Program to account for circumstances such as deferment, forbearance, or entrance into the Income-Based Repayment (IBR) program. According to the consent order, between 2005 and 2015, certain accounts requiring manual adjustments to principal loan balances based on program participation were allegedly placed in “queues” to process the adjustments, which took, in some cases, years to process. The servicer allegedly did not inform affected borrowers that it did not complete the processing of their principal balances associated with the deferment, forbearance, or IBR participation. The queues allegedly resulted in some borrowers paying off incorrect loan amounts and other borrowers experiencing delays in loan consolidation while waiting for the servicer to adjust principal balances. In addition to the $3.9 million civil money penalty, the consent order requires the servicer to make the proper adjustments to the principal balances of the affected accounts or pay restitution to borrowers who paid off loans with inaccurate loan balances. The servicer is also required to comply with certain compliance monitoring, reporting, and recordkeeping requirements.

    Federal Issues CFPB Enforcement Consent Order Student Lending Civil Money Penalties Settlement UDAAP

    Share page with AddThis
  • FTC hits online student loan lender with order

    Federal Issues

    On February 25, the FTC announced it has approved a final consent order with an online student loan refinance lender resolving allegations that the lender violated the FTC Act by misrepresenting in television, print, and internet advertisements how much money student loan borrowers can save from refinancing their loans with the company. As previously covered by InfoBytes, the FTC alleged that the lender inflated the average savings consumers have achieved by refinancing through the lender, in some instances doubling the average savings by selectively excluding certain groups of consumers from the data. Additionally, the FTC also alleged that in some instances, the lender’s webpage misrepresented instances where a loan option would result in the consumer paying more on a monthly basis or over the lifetime of the loan, simply stating the savings would be “0.00.” In October 2018, without admitting or denying the allegations, the lender agreed to a consent order that required it to cease the alleged misrepresentations and agree to compliance monitoring and recordkeeping requirements. Following a public comment period, the FTC Commission voted 5-0 to approve the final consent order.

    Federal Issues Lending Student Lending FTC Enforcement FTC Act Settlement Consent Order

    Share page with AddThis
  • OCC releases February 2019 enforcement actions

    Federal Issues

    On February 15, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. The new enforcement actions include a civil money penalty order against an individual, a notice of prohibition against an individual, and three removal and prohibition consent orders against individuals, and a cease and desist consent order described below.

    On January 7, the OCC entered into a consent order with a federal savings bank related to allegations of unsafe or unsound banking practices. The OCC alleges the bank failed to implement and maintain an effective compliance management system, risk governance framework, and information technology (IT) program. Among other provisions, the order requires the bank to develop written plans to strengthen the compliance, risk governance, and IT programs, and requires the Board to ensure the bank has adopted and implemented all the corrective actions required by the order. The bank neither admits nor denies the allegations and the OCC did not assess any monetary penalties against the bank.

    Federal Issues OCC Enforcement Bank Compliance Risk Governance Consent Order

    Share page with AddThis

Pages

Upcoming Events