InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Texas issues a cease and desist order against a securities firm
On April 22, the Securities Commission of the State of Texas issued an Emergency Cease and Desist Order pursuant to the Texas Securities Act against respondents for allegedly offering investments in a digital gold vault that “purportedly secured physical gold and generates passive income using fintech and blockchain technology,” and are therefore subject to the Securities Act. The Securities Commission alleged that the investments were being “illegally, deceptively and fraudulently offered in Texas” and issued the Emergency Cease and Desist Order to “stop the scheme and protect the public from immediate and irreparable harm.” Respondents were ordered to immediately cease and desist from: (i) offering any security in Texas until the security is properly registered or exempt from registration; (ii) acting as securities dealers, agents, investment advisors, or investment advisor representatives in Texas until they are registered with the Securities Commissioner or exempt from registration; (ii) engaging in any fraud in connection with the offer for sale of any security in Texas; and (iv) offering securities in Texas through an offer containing a statement that is materially misleading or otherwise likely to deceive the public.
OCC releases enforcement actions for April 2024
On April 18, the OCC released a list of recent enforcement actions against national banks, federal savings associations, and individuals affiliated with such entities (defined as institution-affiliated parties, or IAPs). The actions against banks include two formal agreements and one cease and desist order against three individual banks. In each instance, the OCC alleged that the banks engaged in unsafe or unsound practices related to some combination of board oversight, liquidity management, capital requirements, or credit risk. With respect to IAPs, the announcement included four enforcement actions against IAPs to “deter, encourage correction, or prevent violations, unsafe or unsound practices, or breaches of fiduciary duty,” The OCC issued prohibition orders, which prohibit the IAP from any participation in affairs of a bank or other institution), for all four IAPs and assessed civil money penalties ranging from $40,000 to $400,000 against three of them. The announcement also included two more prohibition orders against two additional IAPs for criminal activities. More information on the OCC’s enforcement action types can be found here.
FTC orders tax filing software company to cease and desist following ALJ decision
On January 22, the FTC issued an opinion and order against the maker of a popular tax filing software. The FTC found that the company engaged in unfair and deceptive acts or practices by marketing the software as “free” when it was not available as free to more than two-thirds of consumers and ordered the company to “cease and desist making the deceptive claims.”
The FTC’s opinion and order were issued after its de novo review following the September 2023 ruling from an administrative law judge (“ALJ”), in the FTC’s March 2022 administrative complaint against the company (previously reported by InfoBytes here), in which the ALJ found that the company engaged in deceptive advertising.
The company is a publicly traded corporation that offers a variety of software programs. The software in question is a program that assists customers with preparing and filing their taxes. The FTC alleged that since 2016 the company marketed its tax filing software in violation of Section 5 of the FTC Act through television and online ads, stating consumers could file their taxes for free when less than one-third of taxpayers were eligible for the company’s free edition of the software.
The FTC took issue with the company’s claim that the software was “free” when it restricted its eligibility for the free version to those with “simple tax returns.” While the definition of “simple tax returns” has changed over time, in 2022 it was limited to filed returns that included a Form 1040 with limited attached schedules. However, the FTC alleged most taxpayers do not have “simple tax returns” as defined by the company, including those with mortgage or property income, investment income, or charitable donations over $300.
According to the FTC, from 2016 to 2022, the company ran “dozens” of unique ads through television, radio, the internet, social media, and other advertising channels, that garnered “billions of impressions.” The company and its ad agency understood that advertising its product as free would be a “powerful” lure to entice new customers, stating “Lead with [f]ree to raise heads and drive traffic and acquisition[.]” Although disclaimers are present in the ads, the FTC alleged the company’s disclaimers are inadequate to “cure the misrepresentations” faced by the consumer.
The company continued to market its products as free for three years after multiple lawsuits were filed by the Los Angeles City Attorney and the County Counsel for the County of Santa Clara, California, alleging unfair and deceptive marketing of free versions of the software. Various state Attorneys General opened subsequent investigations that led the company to enter into a settlement agreement with all fifty states pursuant to which the company agreed to pay $141 million and submit to restrictions on its advertising and marketing of the software. Among other restrictions, the FTC’s final order prohibits the company from making any misrepresentations of the cost of its products and services, or the requirement that a consumer use its paid products or services in order to accurately file their taxes online or claim a credit or deduction. Additionally, the order imposes record-keeping and reporting requirements that will remain effective for a period of twenty years after the issuance date of the order.
OCC releases January enforcement actions
On January 17, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. Included is a notice of charges seeking cease and desist orders against three subsidiary banks of the same bank holding company (see here, here, and here), which alleged that each bank engaged in unsafe or unsound practices relating to an investment strategy concentrated in long-term securities. The unsafe practices, the OCC explained, exposed each bank to excessive interest rate risk without adequate sources of contingency funding and contingency capital. The OCC further alleged that each bank failed to mitigate such risk in a timely manner.
OCC issues cease-and-desist order to NY bank
On December 14, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals that are or were affiliated with such entities. Included is a cease-and-desist order against an upstate New York bank for allegedly engaging in unsafe or unsound practices, including on the bank’s corporate governance, capital planning, interest rate risk management, liquidity risk management, and reports of condition.
Under the order, the bank must appoint a compliance committee to take corrective action, submit a three-year strategic plan to establish objectives for the bank’s risk profile, earnings performance, growth, and balance sheet mix, among other areas, and maintain a capital ratio of at least 15 percent, a common equity tier 1 capital of at least equal to 14 percent, and a leverage ratio of at least ten percent. The order also requires the bank to create an interest rate risk program and a third-party risk management program.
OCC releases enforcement actions
On November 16, the OCC released a list of recent enforcement actions taken against national banks, federal savings associations, and individuals currently and formerly affiliated with such entities. Included is a cease and desist order against an Indiana bank for allegedly engaging in unsafe or unsound practices, related to corporate governance and enterprise risk management, credit underwriting and administration, liquidity risk management, and interest rate risk management. The order requires the bank to, among other things, (i) provide quarterly reports detailing corrective action and efforts to comply with the order; (ii) develop a written strategic plan; (iii) maintain specified capital ratios; (iv) engage an independent third party to review board and management supervision; (v) submit a written concentration risk management program and a written liquidity risk management program; (vi) adopt a credit underwriting and administration program; (vii) submit and adopt a written adequate allowance for credit losses; and (viii) adopt a written credit derivatives program.
Bank to pay Fed, NYDFS almost $30 million for deficient third-party risk management practices
On October 19, the Fed and NYDFS announced an enforcement action against a New York-based bank for alleged violations of consumer identification rules and deficient third-party risk management practices. NYDFS Superintendent Adrienne A. Harris stated that the bank failed to prevent a “massive, ongoing fraud” related to its prepaid card program. According to the Fed’s cease-and-desist order, illicit actors managed to open prepaid card accounts through a third-party, and moved hundreds of millions of dollars of direct deposit payroll payments and state unemployment benefits through the accounts. The Fed’s order requires the bank to, among other things, improve its oversight, create a new product review program, enhance its customer identification program, and submit a plan to enhance its third-party risk management program. The bank’s plan must include (i) policies and procedures to ensure third-party service providers are complying with federal and state law; (ii) a third-party risk management oversight program; (iii) policies and procedures to ensure the bank’s Chief Compliance Officer has sufficient resources to properly access the bank’s prepaid card program and is adequately staffed; and (iv) a comprehensive identity theft prevention program. The Fed also requires the bank to pay a civil money penalty of approximately $14.5 million. Under NYDFS’s consent order, the bank agreed to pay an additional $15 million civil monetary penalty, and to submit remediation and program reporting.
Fed announces enforcement action against Kansas bank for operational deficiencies
On September 5, the Fed announced a cease and desist order (the “order”) against a Kansas bank holding company and its subsidiary bank (collectively, the “bank”) for having significant operational deficiencies, including deficiencies related to staffing, internal controls, credit risk management, lending and credit administration, capital, information technology and information security, books and records, regulatory reporting, liquidity and funds management, earnings, interest rate risk management, third-party risk management, and other deficiencies such as compliance with federal laws related to AML/BSA requirements.
The order directs the bank to, among other things, (i) strengthen board oversight; (ii) engage a third party to conduct an assessment of the bank’s corporate governance and staffing; (iii) improve lending and credit administration policies and procedures; (iv) correct the identified information technology and information security deficiencies; (v) revise its allowance for credit losses methodology to comply with supervisory guidance; (vi) enhance interest rate risk management practices; (vii) improve internal controls; (viii) submit a written plan to maintain sufficient capital; (ix) enhance liquidity risk management; and (x) improve the bank’s earnings and overall condition. The order also directs the Bank to improve its BSA/AML compliance program and internal audit program, and to take all necessary steps to correct all violations of law or regulation and to ensure future compliance.
SEC charges broker-dealer with failure to file suspicious activity reports
On August 29, the SEC announced that it had brought charges against a Chicago-based broker-dealer. The SEC alleged that between August 2012 and September 2020 the broker-dealer failed to file over 400 hundred legally required suspicious financial transaction reports related to over-the-counter securities transactions executed in the broker-dealer’s alternative trading system (ATS). According to the SEC’s order, it was found that the broker-dealer did not establish an anti-money laundering surveillance program until September 2020, despite having thousands of high-risk microcap and penny stock securities transactions executed daily on its ATS.
Daniel R. Gregus, Director of the SEC’s Chicago Regional Office, stated, “All SEC-registered broker-dealers have the responsibility to comply with the requirements of the Bank Secrecy Act, including the obligation to file SARs.”
Without admitting or denying that it violated Section 17(a) of the Securities Exchange Act and Rule 17a-8, the broker-dealer agreed to a censure and a cease-and-desist order, along with a $1.5 million penalty.
SEC charges fintech investment adviser for misleading advertising
On August 21, the SEC announced charges against a New York-based fintech investment adviser for using hypothetical performance metrics in misleading advertisements, compliance failures that led to misleading disclosures, and failure to adopt policies concerning crypto asset trading by employees, among other things. These charges mark the first violation of the SEC’s amended marketing rule.
According to the order, the fintech investment adviser made misleading statements on its website by failing to include material information, and without having adopted and implemented required policies and procedures under the SEC’s marketing rule. The SEC also found that the company made conflicting disclosures regarding crypto assets custody and failed to adopt policies related to employee personal trading in crypto assets.
The company consented to the order finding that it violated the Advisers Act and without admitting or denying the SEC’s findings, entered into a cease-and-desist order, a censure, and agreed to pay $192,454 in disgorgement, prejudgment interest and an $850,000 civil penalty that will be distributed to affected clients.