Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On June 7, the U.S. Court of Appeals for the 6th Circuit affirmed a lower court’s ruling that an agreement between a Texas-based merchant and a payment processor did not require the merchant to pay millions of dollars in damage-control costs related to two card system data breaches. After the data breaches, the payment processor withheld routine payment card transaction proceeds from the merchant, asserting that the merchant was responsible for reimbursing the amount that the issuing banks paid to cardholders affected by the breaches. However, the merchant refused to pay the payment processor, relying on a “consequential damages waiver” contained in the agreement.
The payment processor argued that, under the agreement’s indemnification clause and provision covering third-party fees and charges, the merchant retained liability for assessments passed down from the card brands’ acquiring bank. The district court, however, granted summary judgment to the merchant, finding that the merchant was not liable for the card brands’ assessments. The court further ruled that the payment processor materially breached the agreement when it diverted funds to reimburse itself.
On review, the 6th Circuit agreed with the lower court that the assessments “constituted consequential damages” and that the agreement exempted consequential damages from liability under a “conspicuous limitation” to the indemnification clause. According to the 6th Circuit, the “data breaches, resulting reimbursement to cardholders, and levying of assessments, though natural results” of the merchant’s failure to comply with the Payment Card Industry's Data Security Standards, “did not necessarily follow from it.” In addition, the appellate court agreed with the district court’s holding that third-party fees and charges in the contract refer to routine charges associated with card processing services rather than liability for a data breach. The appellate court also concurred that the payment processor’s decision to withhold routine payment card transactions, constituted a material breach of the agreement.
On February 6, the U.S. Court of Appeals for the 2nd Circuit affirmed the judgment of the district court dismissing, as untimely, a trustee’s breach of contract and indemnity claims related to losses resulting from alleged defects in mortgage loans. At issue are three pools of residential home mortgages that at the time of sale had an aggregate principal balance exceeding $3.4 billion. These loans were sold by a mortgage company to Lehman Brothers Holding Inc. and Lehman Brothers Bank FSB in 2006 and subsequently securitized into three trusts. In addition to the representations and warranties made and the remedies provided in the Mortgage Loan Purchase Agreements (MLPAs) and Trust Agreements, the mortgage company, Lehman, and the depositor entered into a separate Indemnification Agreement for each trust, which contained its own representations and warranties indemnification provision. Investors, including Freddie Mac, purchased certificates in the trusts.
According to the court, Freddie Mac conducted a forensic review of the trusts six years after the sale, which allegedly revealed that an “overwhelming percentage” of the loans in the trusts breached the mortgage company’s representations and warranties (R&W). Shortly after discovery, the trustee submitted breach notices to the mortgage company, which did not cure or repurchase the loans.
The Federal Housing Finance Agency (FHFA), as conservator for Freddie Mac, filed a complaint against the mortgage company asserting breach of contract and indemnification claims. After the FHFA dropped out of the litigation, the trustee filed an amended complaint that included two breach of contract counts and two indemnification counts—one seeking indemnification based on the MLPAs and Trust Agreements and another seeking indemnification based on the Indemnification Agreements.
The mortgage company moved for summary judgment on the first three claims and moved to dismiss the fourth claim. The district court granted the motion. It found that the breach of contract claims were time-barred because the FHFA filed the summons with notice more than six years after the limitations period at issue, which begins to run on the effective date of the R&Ws. The court also found the trustee’s indemnification claim based on the MLPAs and Trust Agreements to be time-barred because it was “merely a reformulation of its breach-of-contract claims.” The district court dismissed the other indemnification claim based on the Indemnification Agreements as time-barred because it involved a new set of operative facts and thus could not relate back to the original complaint filed by the FHFA.
On review, the 2nd Circuit affirmed the lower court’s decision. As to the breach of contract claims, the 2nd Circuit relied on two New York Court of Appeals cases: Ace Securities Corp. v. DB Structured Products, which held that the six year statute of limitations begins to run on the effective date of R&Ws, and Deutsche Bank National Trust v. Flagstar Capitals Market Corporation which held that an express accrual clause in a contract cannot delay the start of a limitations period under New York law. With respect to the third cause of action for indemnification under the MLPAs and Trust Agreements, the 2nd Circuit stated that absent unmistakably clear language in an indemnification agreement that demonstrates that the parties intended this clause to cover first-party claims as opposed to third-party claims, an agreement between two parties to indemnify each other does not mean that one party’s failure to perform gives rise to an indemnification claim. In reviewing the claim at issue in count three, the court found that the claim sought payment to the trustee arising from the mortgage company’s alleged breach of R&Ws, which is a breach of contract claim. The trustee argued that the indemnification section provided an independent remedy, but the 2nd Circuit rejected that argument stating that a claim is not independent if its success directly depends on the breach of the R&Ws in the MLPAs outlined in the contract claims. Finally, with respect to the fourth clause of action for indemnification, the 2nd Circuit held that this claim filed in 2016, would only be timely if it related back to the facts of the earlier claims, but since it arose out of different contracts it therefore could not relate back.
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Tim Lange to discuss "Ease your pain at the state level: Recommendations for navigating the licensing issues in the states" at the Online Lenders Alliance Compliance University
- Amanda R. Lawrence, Aaron C. Mahler, and Jonice Gray Tucker to discuss "Expanded role for the FTC ahead: Implications for bank and nonbank financial institutions" at an American Bar Association Banking Law Committee Webinar
- Buckley Webcast: Flirting with alternatives — Opportunities and challenges created by alternative data, modeling, and technology
- Daniel P. Stipano to discuss "Reporting requirements for credit unions: CTRs and SARs" at the National Association of Federally-Insured Credit Unions BSA Seminar
- Daniel P. Stipano and Moorari K. Shah to discuss "Vendor management: What is the NCUA looking for?" at the National Association of Federally-Insured Credit Unions BSA Seminar
- Sasha Leonhardt and John B. Williams to discuss "Privacy" at the National Association of Federally-Insured Credit Unions Summer Regulatory Compliance School
- Warren W. Traiger to discuss "CRA modernization" at the National Association of Industrial Bankers and the Utah Association of Financial Services Annual Convention
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Hank Asbill to discuss "Ethical guidance in conducting internal investigations – The intersection of Yates and Upjohn" at the American Bar Association Southeastern White Collar Crime Institute
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Daniel P. Stipano to discuss "Risk management in enforcement actions: Managing risk or micromanaging it" at the American Bar Association Business Law Section Annual Meeting
- Daniel P. Stipano to discuss "Navigating the conflicting federal and state laws for doing business with cannabis companies" at the American Bar Association Business Law Section Annual Meeting
- Tim Lange to discuss "Services and value" at the North American Collection Agency Regulatory Association Annual Conference
- Amanda R. Lawrence to discuss "Data privacy litigation" at the Mortgage Bankers Association Regulatory Compliance Conference
- Jonice Gray Tucker to discuss "HMDA data is out, now what?" at the Mortgage Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Amanda R. Lawrence to discuss "How to balance a successful (and stressful) career with greater personal well-being" at the American Bar Association Women in Litigation Joint CLE Conference