Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On September 19, the Department of Veterans Affairs issued a change to Circular 26-21-20 extending the rescission date to align with the end of Covid-19 pandemic, including conforming changes to VA’s expectation as to the completion of a forbearance period. As previously covered by InfoBytes, the VA issued Circular 26-21-20 in September 2021 to clarify timeline expectations for forbearance requests submitted by affected borrowers. The September 2021 Circular stated thar “[f]or borrowers who have not received a COVID-related forbearance as of the date of this Circular, servicers should approve requests from such borrowers provided that the borrower makes the request during the National Emergency Concerning the Novel Coronavirus Disease 2019 (COVID-19) Pandemic,” and that all Covid-19 related forbearances would end by September 30, 2022. However, Change 1 stated that “September 30, 2022” should be replaced with “six months after the end of the National Emergency Concerning the Novel COVID-19 Pandemic.” The circular is rescinded March 1, 2023.
On September 19, the FTC and the California Department of Financial Protection (DFPI) announced a lawsuit against several companies and owners for allegedly operating an illegal mortgage relief operation. (See also DFPI’s announcement here.) The filing marks the agencies’ first joint action, which alleges the defendants’ conduct violated the California Consumer Financial Protection Law, the FTC Act, the FTC’s Mortgage Assistance Relief Services Rule (the MARS Rule or Regulation O), the Telemarketing Sales Rule, and the Covid-19 Consumer Protection Act. The agencies claimed that the defendants preyed on distressed consumers with false promises of mortgage assistance relief. According to the complaint, the defendants made misleading claims during telemarketing calls to consumers, including those with numbers on the National Do Not Call Registry, as well as through text messages and in online ads. In certain cases, defendants represented they were affiliated with government agencies or were part of a Covid-19 pandemic assistance program. Among other things, defendants falsely claimed they were able to lower consumers’ interest rates or payments, and instructed consumers not to pay their mortgages, leading to late fees and significantly lower credit score. Defendants also allegedly told consumers not to communicate directly with their lenders, which caused consumers to miss default notices and face foreclosure. Additionally, defendants charged consumers illegal up-front fees ranging from $500 to $2,900 a month, and told consumers they were negotiating loan modifications that in most cases never happened.
The U.S. District Court for the Central District of California granted a restraining order temporarily shutting down the defendants’ operations. In freezing the defendants’ assets and ordering them to submit financial statements, the court noted that the agencies established a likelihood of success in showing that the defendants “have falsely, deceptively, and illegally marketed, advertised, and sold mortgage relief assistance services.”
On September 13, the U.S. Attorney’s Office for the Southern District of Texas announced an agreement with a bank to pay approximately $18,600 to resolve allegations that it violated the False Claims Act (FCA). This “is believed to be the nation’s first settlement with a Paycheck Protection Program (PPP) lender pursuant to the [FCA],” the announcement said. As previously covered by a Buckley Special Alert, in March 2020, President Trump signed the Coronavirus Aid, Relief, and Economic Security Act, which provided a host of relief measures for small businesses, including $349 billion for Small Business Administration loan forgiveness, guarantees, and subsidies. According to the announcement, the bank approved and processed a $213,400 PPP loan for a clinic, despite knowing that the sole owner of the clinic was facing criminal charges arising from his practice of prescribing opioids and was therefore ineligible to apply for the PPP loan. The announcement noted that “the bank processed the application anyway and falsely granted the money to [the sole owner].” The bank received a 5 percent processing fee from the government, including $10,670 to which it was not entitled. The owner of the clinic entered a $523,000 settlement in November 2021, resolving allegations that he used false statements on his PPP application and allegedly submitted false claims for the placement of electroacupuncture devices. In 2022, the owner also repaid the PPP loan in full. According to the announcement, the settlement reflects the bank’s “efforts to cooperate with the government’s investigation and provide relevant facts along with its implementation of additional compliance measures.”
On August 29, the Washington State Superior Court entered a final order declaring that the Washington Insurance Commissioner exceeded his authority when he issued an emergency rule earlier this year banning the use of credit-based insurance scores in the rating and underwriting of insurance for a three-year period. As previously covered by InfoBytes, several industry groups led by the American Property Casualty Insurance Association (APCIA) sued to stop the rule from taking effect. The rule was intended to prevent discriminatory pricing in private auto, renters, and homeowners insurance in anticipation of the end of the CARES Act, and specifically prohibited insurers from “us[ing] credit history to place insurance coverage with a particular affiliated insurer or insurer within an overall group of affiliated insurance companies.” The rule applied to all new policies effective, and existing policies processed for renewal, on or after June 20, 2021. Industry groups countered that the rule would harm insured consumers in the state who pay less for auto, homeowners, and renters insurance because of the use of credit-based insurance scores to predict risk and set rates.
According to a press release issued by APCIA, earlier this year the superior court issued a bench decision granting the trade group’s petition for a declaratory judgment and invalidating the rule. The superior court “held that the Commissioner could not rely on the more general rating standard statute that prohibited “excessive, inadequate, or unfairly discriminatory” rates to “eliminate all meaning from the more specific credit history statutes by which the legislature had authorized its use.” Calling the final order “an important victory for Washington consumers, particularly lower risk senior policyholders who were forced to pay more to subsidize higher risk policyholders because the rule eliminated the use of credit,” the trade groups said they were pleased that the court agreed with their position that the Commissioner “exceeded his authority when he acted contrary to the longstanding statute that authorized the use of credit in the property and casualty insurance space.”
On August 18, the U.S. District Court for the Eastern District of Michigan dismissed a class action alleging violations of the EFTA brought against a national bank on behalf of consumers who were issued prepaid debit cards providing Covid-19 pandemic unemployment insurance payments. Two of the plaintiffs alleged they experienced fraudulent transactions on their accounts. According to the plaintiffs, the bank froze one of the defendant’s accounts but failed to credit his account for the allegedly fraudulent transaction. In response to a second plaintiff’s fraud report, the bank allegedly froze her account and informed her that she had “to contact the unemployment agency because an unauthorized person had ‘gained access to the card and was using the unemployment benefits.’” The third plaintiff alleged that the bank froze her account based on suspected fraud and was informed that she would have to contact someone else to unfreeze the account. Plaintiffs sued for violations of the EFTA and raised several breach of contract and negligence claims.
The court dismissed the EFTA claim on several grounds, including that (i) the second plaintiff’s claim is time-barred; (ii) the other two plaintiffs’ claims stem from the bank’s alleged errors related to unauthorized transactions, yet neither requested information or clarification about an electronic funds transfer; (iii) one of the plaintiffs never actually experienced fraud (the court emphasized that the EFTA does not regulate account freezes; it regulates electronic funds transfers); and (iv) one of the plaintiff’s failed to plausibly plead that he complied with the EFTA’s notification requirements that must be met before a defendant conducts an investigation. The court also determined that the breach of contract claims failed, citing, among other things, that if an account did not have an unauthorized transaction a defendant cannot breach its reimbursement duties. Nor did the other two plaintiffs provide proper notice to trigger the bank’s duty to investigate, the court wrote, adding that the negligence claims also failed because the plaintiffs failed to respond to a request asking them to show how the bank’s actions caused them injury.
On August 25, FHFA updated its Frequently Asked Questions (FAQ) regarding Fannie Mae and Freddie Mac assistance options for families impacted by the Covid-19 pandemic. Additionally, FHFA revised its “Tenant Protections for Enterprise-Backed Rental Properties in Response to COVID-19,” which is intended “to assist households that are unable to pay rent or utilities.” Among other things, the FAQs indicate that renters “living in a property financed by Fannie Mae or Freddie Mac have access to housing counselors with expertise in rental assistance programs and other programs to overcome financial hardships.” FHFA’s “Tenant Protections for Enterprise-Backed Rental Properties in Response to COVID-19,” clarifies and updates information for tenants in rental properties secured by a Fannie Mae or Freddie Mac mortgage.
On August 19, the Colorado attorney general published updated guidance on remotely working for employees of entities regulated by the Consumer Credit Unit. Memorandum HB 22-1410, which was signed by the governor on June 7, amended Colorado’s Uniform Consumer Credit Code so that a supervised lender licensee may permit its employees to work from a remote location, so long as the licensee complies with certain requirements. The memorandum also provided that the March 2020 guidance issued by the Consumer Credit Unit Administrator for employees of regulated entities during the COVID-19 pandemic “remains in effect for regulated entities not covered by HB22-1410, including collection agencies, debt management providers, and student loan servicers, and will remain in effect until the last day of the 2023 legislative session of the 74th General Assembly, May 10, 2023.” The memorandum also noted that “due to concerns regarding the COVID-19 outbreak, individuals who work for regulated entities may be required, or wish, to work from home to avoid further spread of the outbreak, even though their homes are not licensed as branches.”
The memorandum also disclosed that the state will not take any administrative, disciplinary, or enforcement actions for individuals working at home in what are technically unlicensed branches as long as certain criteria are met: (i) “The Colorado activity is conducted from the home location of an individual working on behalf of an entity who is licensed, registered, or files notification with the Administrator”; (ii) “The individual is working from home due to a reason connected to the Covid-19 outbreak and has informed the regulated entity in writing”; (iii) “None of the Colorado activity will be conducted in person with members of the public at the home location”; (iv) “Individuals working from home will not advertise, receive official mail directly, or permanently store any books or records at their remote location”; (v) “The Colorado licensee shall at all times exercise reasonable supervision of the licensable activity being performed at the home office and ensure sufficient safeguards to protect consumer information and data security”; and (vi) “The individual ceases conducting the activity from the home location as soon as reasonably possible, consistent with recommendations from the CDC, CDPHE, and applicable state health departments.”
On August 11, the U.S. District Court for the District of Maryland dismissed a putative class action alleging violations of the EFTA and state privacy and consumer protection laws brought against a national bank on behalf of consumers who were issued prepaid debit cards providing pandemic unemployment benefits. The named plaintiff—a self-employed individual who did not qualify for state unemployment insurance but who was eligible to receive temporary Pandemic Unemployment Assistance (PUA) benefits—alleged that he lost nearly $15,000 when an unauthorized user fraudulently used a prepaid debit card containing PUA funds that were intended for him. The court dismissed the class claims with respect to the EFTA and Regulation E, finding that the Covid-19 pandemic was a “qualified disaster” under applicable law and regulations (i.e. PUA payments were “qualified disaster relief payments”), and that as such, the payments satisfied the CFPB’s official interpretation of Regulation E and were excluded from the definition of a “prepaid account.” The court further explained that while relevant CFPB regulations define an “account” to include a prepaid account, Regulation E excludes “any ‘account that is directly or indirectly established through a third party and loaded only with qualified disaster relief payments.’” Because the prepaid debit card in question was established through a third party and was loaded only with PUA funds, it did not meet the definition of a “prepaid account” and therefore fell outside the EFTA’s definition of a covered account. The court also disagreed with the plaintiff’s contention that PUA payments were authorized by Congress in the CARES Act due to the public health emergency rather than a disaster.
On August 5, President Biden signed the Paycheck Protection Program and Bank Fraud Enforcement Harmonization Act (see H.R. 7352) and the COVID-19 Economic Injury Disaster Loan Fraud Statute of Limitations Act (see H.R. 7334). H.R. 7352 provides a 10-year statute of limitations for fraud by borrowers under the SBA’s Paycheck Protection Program, while H.R. 7334 establishes a 10-year statute of limitations for fraud by borrowers under the SBA’s Covid-19 Economic Injury Disaster Loan programs.
On July 11, the Financial Stability Board (FSB) outlined challenges and vulnerabilities facing the global financial system in a letter sent to G20 finance ministers and central bank governors. While recognizing that markets have seemingly coped with “evolving economic conditions and high volatility in an orderly manner” and that so far “[n]o major financial institution has shown signs of distress,” the FSB cautioned that vigilance is necessary, as unexpected economic deteriorations may test financial resilience. Among other topics, the FSB discussed targeted approaches for phasing out of Covid-19 measures to mitigate the adverse effects of high debt, and stressed that “[e]xit strategies need to reflect specific domestic economic conditions and avoid excessive financial market reactions, which may limit the scope to engineer a fully synchronized exit across jurisdictions.” Crypto-assets also create vulnerabilities, the FSB added, pointing to a recent FSB communication that clarified that stablecoins and other crypto-assets “do not operate in a regulation-free space” and warned crypto-asset providers that they may not operate in any jurisdiction without meeting applicable regulatory, supervisory, and oversight requirements. The FSB will take enforcement action against members that fail to comply with existing legal obligations, it said, adding that it is currently working to ensure that crypto-assets are subject to regulation and supervision through coordinated regulatory initiatives. Additionally, the FSB noted it is closely collaborating with standard-setting bodies, including the Financial Action Task Force, to regulate and supervise stablecoins and other crypto-assets and understand the implications of decentralized finance on financial stability. Consultative reports discussing recommendations for global regulatory and supervisory approaches to stablecoins and other crypto-assets will be submitted in October to the G20 finance ministers and central bank governors.
- Benjamin W. Hutten to discuss “Ongoing CDD: Operational considerations” at NAFCU’s Regulatory Compliance & BSA Seminar
- James C. Chou to discuss ransomware at NAFCU’s Regulatory Compliance & BSA seminar
- Jedd R. Bellman to provide an “Attorney exemption/medical debt update” at the North American Collection Agency Regulatory Association annual conference
- Kathryn L. Ryan to discuss “What should crypto regulation look like: Legislation, regulation and consumer issues” at WCL's First Annual Virtual Currency Law Institute
- Elizabeth E. McGinn to discuss “How to mitigate and manage third-party risks: Leveraging tools and best practices” at The Knowledge Group’s webcast
- Elizabeth E. McGinn, Benjamin W. Hutten, and James C. Chou to discuss “The evolving regulatory landscape: Third-party and cyber risk management” at the 2022 mWISE Conference
- Sherry-Maria Safchuk to discuss “For your eyes only: Privacy updates for 2022-2023” at CCFL’s Annual Consumer Financial Services Conference
- James T. Parkinson to present a “Global anti-corruption update” at IBA’s annual conference