InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FTC Releases Updates to COPPA Compliance Plan
On June 21, the FTC released updated guidance designed to assist businesses when complying with the Children’s Online Privacy Protection Rule (COPPA), which regulates what websites and online services are required to do to ensure the protection of children’s privacy and safety online. Specifically, the updates address the following issues: (i) the method by which companies monitor the collection of personal data as technology evolves in order to stay compliant; (ii) they ways COPPA impacts the “Internet of Things” as new “connected devices” continue to expand beyond websites and mobile apps; and (iii) new methods such as “ knowledge-based authentication questions and using facial recognition to get a match with a verified photo ID” to obtain parental consent. Additionally, the FTC revised its Six-Step Compliance Plan for Your Business to help companies determine whether they are covered by COPPA and how to comply with the rule.
CFPB Encourages Alternatives to Deferred Interest Promotional Offers to Provide Transparency to Consumers
On June 8, the CFPB reported that it sent letters encouraging top retail credit card companies to consider consumer financing promotions that are more transparent than the often-used deferred-interest credit card. These deferred-interest cards offer no interest on the promotional balance, but only if it is paid off by the end of the promotional period. If any promotional balance remains when the promotional period ends, consumers are charged retroactive interest on the entire promotional balance from the time of purchase.
The CFPB suggests that a zero percent introductory interest rate is a better option for consumers who are sometimes confused by the retroactive interest in the deferred-interest products. Unlike with deferred interest, under 0% interest promotions, consumers are not assessed interest retroactively if the promotional balance is not paid in full by the end of the promotional period. As previously reported in InfoBytes, some consumers may have difficulty understanding the different credit terms when comparing deferred-interest promotions to zero interest promotions. According to the letters, because deferred-interest programs may be more difficult to understand than zero interest promotions, they require credit card companies to have robust compliance management systems and third party oversight measures to ensure consumers are fully informed of the true costs of the promotional financing.
In a blog post from June 8, the CFPB explains the differences between zero interest promotions and deferred-interest promotions, and offers examples of each promotion.
FDIC Fines Two California Bank Employees for BSA/AML Violations
On March 31, the FDIC released a list of enforcement actions taken against banks and individuals in February 2017. Among those listed was a February 14 stipulated order imposing a $70,000 civil money penalty against an employee of a California bank (Respondent) for allegedly engaging or participating in actions that caused the bank to violate the Bank Secrecy Act, thus resulting in financial loss or damage. According to the FDIC, the violations reflected a “continuing disregard for the safety or soundness of the bank” and were evidence of the Respondent’s “unfitness to serve as a . . . person participating in the conduct of the affairs, or as an institution-affiliated party of the bank [or] any other insured depository institution.” In addition to the civil money penalty, the Respondent is prohibited from further participation “in any manner in the conduct of the affairs of any financial institution or agency.”
The FDIC also imposed a $30,000 civil money penalty against the bank’s executive vice president of corporate and international banking for breaching his fiduciary duty during the period of 2011 – 2012 by failing to ensure his staff fully complied with the Bank Secrecy Act and its implementing regulations. And, as previously reported in InfoBytes, in July 2015 the bank was fined $140 million by the FDIC and the Commissioner of the California Department of Business Oversight for allegedly failing to implement and maintain a satisfactory BSA/AML compliance program.
CFPB Director Speaks at National Community Reinvestment Coalition Conference; Discusses Regulatory Review at Chamber of Commerce 11th Annual Capital Markets Summit
On March 29, CFPB Director Richard Cordray spoke at the National Community Reinvestment Coalition Conference in Washington, D.C. to discuss, among other things, the Equal Credit Opportunity Act and the difficulties faced by individuals who cannot obtain mainstream credit. As previously covered in InfoBytes, the CFPB is exploring the risks and benefits of using “alternative data” to assist consumers whose limited credit histories prevent them from accessing many lending opportunities. Cordray stated that one of the CFPB’s priorities “is [to increase] the availability of responsible financial products and services, especially for those who have been underserved or shut out.”
The next day, on March 30, Cordray spoke at the U.S. Chamber of Commerce’s 11th Annual Capital Markets Summit in Washington, D.C. In prepared remarks, Cordray discussed the regulatory compliance challenges and burdens that financial organizations face, as well as the CFPB’s efforts to assist with regulatory implementation, the development of clearer guidance, and methods to streamline and modernize regulations based on effectiveness. Cordray noted the CFPB’s efforts to improve and adapt regulations based on the needs of the industry. “We learn from the comments we receive and our final rules are helpfully informed by that input on a consistent basis,” Cordray stated. “But even after we issue a final rule, if the data shows over time that any of our substantive calls need to be reconsidered, we can and will face the issue frankly and address it. We will not let pride of authorship interfere with the serious task of policymaking in the interests of consumers and the American public.” As mandated by Congress, the CFPB must review any significant rules after five years have passed. The CFPB plans to review remittance rules followed by a review of the mortgage rules. Cordray also noted efforts to address ambiguities and conflicts in other areas such as debt collection and payday lending.
Bank Holding Company and Nonbank Auto Lender Subsidiary Sign New Written Agreement with Boston Fed
On March 21, the Federal Reserve Bank of Boston (Boston Fed) and a national bank holding company and its nonbank subsidiary (a Dallas-based auto lender) entered into a Written Agreement to address concerns related to their July 2015 Written Agreement, which required a detailed description of the holding company’s efforts to strengthen board oversight specifically with regard to committees, executive positions, and lines of reporting (see July 2015 InfoBytes summary). The 2017 Written Agreement is a result of deficiencies identified by the Boston Fed in the subsidiary’s compliance risk management program. The terms of the current Written Agreement require, among other things, the board of directors of the subsidiary to submit a revised compliance risk management plan addressing, among others: (i) comprehensive compliance risk assessments to identify “risks associated with applicable consumer compliance laws”; (ii) enhanced written policies and procedures to address risks arising from noncompliance; and (iii) a revised code of conduct for employees that outlines rules governing compliance and reporting processes for known or suspected violations of consumer compliance laws, regulations, and supervisory guidance. Furthermore, the company must submit written revisions to its firmwide internal audit program with respect to auditing its revised compliance risk management program.
District Court Upholds CFPB CID Targeting the Marketing of “Contracts for Deed”
On February 17, a U.S. District Court held that home sellers who use contracts for deed are required to comply with CFPB Civil Investigative Demands (CIDs) asking for information about possible illegalities in selling or collecting residential property purchase loans. CFPB v Harbour Portfolio Advisors, LLC et al., [Order] No. 16-14183 (E.D. Mich. Feb. 17, 2017). Specifically, the Court found that the Bureau is not “plainly lacking” in jurisdiction to look into contracts for deed, and the CIDs were not unduly burdensome.
Back in November, the CFPB had petitioned the court to enforce CIDs served on Respondents. At issue before the Court was whether the Bureau’s investigative authority extends to the selling, marketing, and servicing of a financial product called an Agreement for Deed (“AFD”), otherwise known as a “contract for deed” or a “land installment contract.” Respondents thereafter petitioned the Bureau to set aside the CIDs, offering three reasons why the CIDs should not be enforced: (i) the CFPB exceeded its authority in issuing the CIDs; (ii) the companies had not been given fair notice that contracts for deed could be covered by federal financial consumer protection laws; and (iii) the CIDs were unduly burdensome and should be modified.
Each of these three arguments was rejected by the court: (i) as to the Bureau’s authority, the court found that objection premature, noting that the Bureau need only establish a “plausible reason” to believe the companies might have information related to violations of the federal financial consumer protection laws; (ii) the court similarly held the “fair notice” argument to be premature at the investigation stage; and (iii) in rejecting Respondent’s arguments that the burden of compliance was excessive, the court noted that the CFPB was entitled to documents that “will help the Bureau develop a complete understanding of Respondents’ practices and operations” and that Respondents’ assertions about the cost of compliance and the burden on its few employees were not corroborated.
Major Regional Bank Agrees to Fix Anti-Money Laundering Controls in Fed/FDIC Orders
On January 27, the Federal Reserve publicly released a cease-and-desist order against a regional bank concerning its anti-money laundering (AML) program. The order, which is dated January 25, requires the bank to address certain deficiencies identified in a review of the bank’s AML compliance program by the Federal Reserve Bank of Richmond and develop a firm-wide compliance risk management program addressing the AML requirements. The order follows a recent Stipulated Order with the FDIC against the same bank concerning similar allegations and calling for, among other things, corrective actions and enhancements to address certain internal control deficiencies.
Fed Outlines How Banks May Seek "Illiquid Funds" Extension Under Volcker Rule
On December 12, the Fed announced additional details addressing the way in which banking entities may seek an extension of the July 21, 2017 deadline by which they are to divest assets that are not permitted by the Volcker Rule. According to the Fed, illiquid legacy investments are expected to generally qualify for deadline extensions of up to five years, as long as the company has made appropriate efforts to deal with those investments, has an adequate compliance program, and the Fed is not concerned that the company is attempting to evade the deadline. The Fed has also made available both a Supervision and Regulation Letter (SR 16-18) and a statement of policy that describe its expectations when an application for an extension is submitted.
First Israeli Enforcement Action Against a Company for Bribery of Foreign Government Officials
In a first under Israeli law, an IT solutions provider was fined approximately $1.2 million by the Tel Aviv Magistrate’s Court on December 15 for bribing a government official from the African county of Lesotho. The Israel-based company produces high-tech identification cards and products for population registration and border control. In 2012, the company entered into a $30 million agreement with the government of Lesotho to sell its products to the African country. The company was charged with paying a mediator $500,000 to advance that deal, with a significant amount of that sum intended as a bribe for the director general of Lesotho’s interior ministry. As part of the plea agreement, the company must also cooperate with an ongoing parallel investigation in Lesotho and implement an anti-corruption compliance program.
The prosecution and plea agreement represent the first time a company has been indicted or convicted of bribing a foreign official under Israeli law. In July 2008, Israel added Article 291A to its penal code, outlawing bribery of foreign public officials. The law was enacted in conjunction with Israel entering the UN Convention against Corruption in February 2009 and the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions in March 2009. Prior to the case against the company, Israel had come under international criticism for lack of enforcement of Article 291A. The case adds Israel to the list of countries prosecuting companies for bribery of foreign officials and places Israeli companies on notice of future prosecutions.
CFPB Issues Advisory Bulletin on Detecting and Preventing Consumer Harm from Production Incentives
In a November 28 advisory bulletin entitled Detecting and Preventing Consumer Harm from Production Incentives, the CFPB highlights examples from its supervisory and enforcement experience in which incentives contributed to substantial consumer harm. The bulletin also describes compliance management steps that supervised entities should take to mitigate risks posed by incentives. Among other things, the CFPB clarifies that it is not outlawing sales incentives or other similar programs, but rather is cautioning companies that such programs can lead to abuse. As explained in the bulletin, “[t]ying bonuses or employment status to unrealistic sales goals or to the terms of transactions may intentionally or unintentionally encourage illegal practices such as unauthorized account openings, unauthorized opt-ins to overdraft services, deceptive sales tactics, and steering consumers into less favorable products.”