InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Utah appellate court upholds ruling for defendant in FDCPA case
Recently, the Utah Court of Appeals affirmed a lower court’s decision granting summary judgment in favor of a defendant debt collector in an FDCPA case. According to the court, defendant’s registration as a debt collection agency had lapsed in Utah when it sent the plaintiff a debt collection letter. Later, when still not registered as a collection agency, defendant served plaintiff with a collection complaint and filed it with the district court. Plaintiff did not contest the complaint, leading to defendant moving for a default judgment, which the district court granted in 2020. Thereafter, plaintiff filed suit against defendant for illegally pursuing the prior collection action, and summary judgment was entered against plaintiff.
On appeal, the court turned to a recent similar case that supported the lower court’s decision that a registration violation was not actionable under the Utah Consumer Sales Practices Act (UCSPA). Regarding plaintiff’s FDCPA claim, the court found that plaintiff did not argue for a different resolution under the FDCPA compared to the Utah Code. Plaintiff contended that since both statutes prohibited the same practices in debt collection, her FDCPA claim should also be valid under the UCSPA. However, as plaintiff did not preserve any argument distinguishing her FDCPA claim from her UCSPA claim, the court affirmed the dismissal of both the FDCPA and UCSPA claims.
Utah enshrines two acts to create cybersecurity notification guidelines
On March 19, Utah enacted SB 98 which amended the state’s online data security and privacy requirements. SB 98 will include new protocols that individuals and governmental entities must follow under its data breach reporting requirements. SB 98 will require individuals and governmental entities to provide specific information about the breach, including, among other things: (i) when the data breach occurred; (ii) when the data breach was discovered; (iii) the total number of individuals affected by the breach, with a separate count for Utah residents; (iv) the type of personal data involved; (v) a brief description of the data breach; and only for government entities (vi) the path of means by which access was granted to the system if known; (vii) the individual or entity who perpetrated the breach if known; and (viii) the actions taken by the governmental entity to mitigate the effects of the breach. Additionally, the Cyber Center will be tasked with assisting the governmental entity in responding to breaches. This assistance may include: (a) conducting or participating in an internal investigation; (b) assisting law enforcement with their investigation if necessary; (c) determining the scope of the data breach; (d) helping the entity to restore the integrity of the compromised system; and (e) providing any other necessary support in response to the breach.
On that same day, the governor also signed into law HB 491 which enacted the Government Data Privacy Act. Similarly, the bill will describe the duties of state government agencies related to personal data privacy, including breach notification requirements, limits on data collection and use, and the ability to correct and access personal data. On structure, the bill created the Utah Privacy Governing Board to recommend changes in the state privacy policy, established the Office of Data Privacy to coordinate implementation of privacy protections, and named the Personal Privacy Oversight Commission to the Utah Privacy Commission and amended the commission’s duties. Both SB 98 and HB 491 will go into effect on May 1.
Utah amends provisions on notifications and definitions of commercial financing transactions
On March 13, the Governor of Utah signed into law SB 25, a bill that amended certain provisions related to commercial financing transactions, specifically repealing provisions related to disclosing commercial financing transactions and adding the requirement that a party subject to the notification requirement must submit evidence of registration with the NMLS. The bill also amended Section 7-27-101 of the Laws of Utah, to update the definition of the term “broker” and separate it from the term “provider.” Under Section 7-27-202, the bill removed certain disclosures for commercial financing transactions, including disclosures previously required for open-end credit plans after disbursing funds. Additionally, under Section 70C-1-302, the bill updated two more defined terms: “Commissioner” and “Nationwide database.” Lastly, under Section 70C-8-202, the bill amended certain notification requirements, specifically indicating the party shall file a notification via the NMLS, and such notification will be required annually on or before December 31. The bill will go into effect on May 1.
FTC confirms two members as its board returns to full strength
On March 8, the FTC announced the confirmation of two new commissioners: Andrew N. Ferguson and Melissa Holyoak. Additionally, current Commissioner Rebecca Kelly Slaughter received a confirmation vote for a second term. Newcomers Ferguson and Holyoak were nominated by President Biden and will serve until September 25, 2025; Slaughter will serve until the same date in 2029. Ferguson had previously been working as solicitor general of Virginia, and before that he was chief counsel to U.S. Sen. Mitch McConnell of Kentucky and as Republican counsel on the U.S. Senate Judiciary Committee. Holyoak was most recently solicitor general with the Utah Attorney General’s Office. Before that, she served as president and general counsel of a D.C.-based public interest law firm.
Utah Court of Appeals affirms ruling for debt buyer engaged in unlicensed collection efforts
The Utah Court of Appeals affirmed a lower court’s ruling against a debt buyer that acquired a portfolio of bad debts from borrowers all over the country, including residents of Utah. The debt buyer collected on the portfolio of debts by retaining third-party debt collectors or, in some instances, attorneys to recover such debts by filing lawsuits. The debt buyer was not licensed under the Utah Collection Agency Act (UCAA). As such, the plaintiffs argued that the debt buyer’s collection efforts were “deceptive” and “unconscionable” under the Utah Consumer Sales Practices Act.
The lower court ruled for the debt buyer on the grounds that failure to obtain a license, without more, did not rise to the level of “deceptive” or “unconscionable” conduct. Further, the UCAA does not have a private right of action.
Utah recently repealed the collection agency’s license, effective May 3, 2023 (covered by InfoBytes here).
Utah repeals some collection agency registration requirements
On March 17, the Utah governor signed HB 20 to repeal several of the state’s collection agency statutory provisions. Specifically, the bill repeals provisions that (i) require collection agencies to register with the Division of Corporations and Commercial Code and have on file sufficient bond in the amount of $10,000 (see Sections 12-1-1 and 12-1-2); (ii) stipulate bond terms and require certain records relating to registrations and bonds to be maintained with the Division and open to public inspection (see Sections 12-1-3, and 12-1-5); (iii) relate to violations and penalties and specify that “[a]ny person, member of a partnership, or officer of any association or corporation who fails to comply with any provision of this title is guilty of a class A misdemeanor (see Section 12-1-6); (iv) outline exceptions (see Section 12-1-7); (v) govern assignments of debts involving collection agencies and limit activities as to the assignments (see Section 12-1-8); (vi) specify that information about a consumer’s credit rating or credit worthiness sent to a consumer reporting agency is void if the collection agency does not have a bond on file (see Section 12-1-9); and (vii) require certain registration forms and application fees for collection agencies seeking approval to conduct business in Utah (see Section 12-1-10). Limitations and terms of collection fees and convenience fees imposed by creditors or third-party debt collection agencies will remain unchanged by the amendments (see Section 12-1-11). The changes take effect May 3.
Utah amends disclosure requirements for data breaches
On March 23, the Utah governor signed SB 127, which, among other things, requires additional disclosure requirements for system security breaches and creates the Utah Cyber Center. For example, it mandates additional notice requirements to the office of the Utah attorney general (AG) and the Utah Cyber Center where an investigation “reveals that the misuse of personal information relating to 500 or more Utah residents, for identity theft or fraud purposes, has occurred or is reasonably likely to occur.” If the investigation reveals the misuse of personal information relating to 1,000 or more Utah residents, the notification must also be sent “to each consumer reporting agency that compiles and maintains files on consumers on a nationwide basis.”
The Utah Cyber Center will be responsible for, among other things, developing a statewide strategic cybersecurity plan for executive branches and other governmental agencies; identifying, analyzing, and mitigating cyber threats and vulnerabilities; coordinating cybersecurity resilience planning; providing cybersecurity incident response capabilities; developing incident response plans to coordinate federal, state, local, and private sector activities; and developing and promoting cybersecurity best practices.
The amendments are effective 60 days follow adjournment of the legislature.
CFPB: TILA does not preempt state commercial financial disclosures
On March 28, the CFPB issued a determination that state disclosure laws covering lending to businesses in California, New York, Utah, and Virginia are not preempted by TILA. The preemption determination confirms a preliminary determination issued by the Bureau in December, in which the agency concluded that the states’ statutes regulate commercial financing transactions and not consumer-purpose transactions (covered by InfoBytes here). The Bureau explained that a number of states have recently enacted laws requiring improved disclosure of information contained in commercial financing transactions, including loans to small businesses. A written request was sent to the Bureau requesting a preemption determination involving certain disclosure provisions in TILA. While Congress expressly granted the Bureau authority to evaluate whether any inconsistencies exist between certain TILA provisions and state laws and to make a preemption determination, the statute’s implementing regulations require the agency to request public comments before making a final determination. In making its preliminary determination last December, the Bureau concluded that the state and federal laws do not appear “contradictory” for preemption purposes, and that “differences between the New York and Federal disclosure requirements do not frustrate these purposes because lenders are not required to provide the New York disclosures to consumers seeking consumer credit.”
After considering public comments following the preliminary determination, the Bureau again concluded that “[s]tates have broad authority to establish their own protections for their residents, both within and outside the scope of [TILA].” In affirming that the states’ commercial financing disclosure laws do not conflict with TILA, the Bureau emphasized that “commercial financing transactions to businesses—and any disclosures associated with such transactions—are beyond the scope of TILA’s statutory purposes, which concern consumer credit.”
Utah enacts financial institution provisions
On March 24, the Utah governor signed SB 183 into law, which amends the state’s provisions related to financial institutions. Among other things, the bill: (i) modifies the definition of “control” for purposes of the Financial Institutions Act and provides penalties for failure to comply with registration and disclosure requirements. Additionally, the bill enacts the Commercial Financing Registration and Disclosure Act, which requires individuals who provide certain commercial financing products to register with the Department of Financial Institutions and make certain disclosures in connection with each commercial financing product.
Arizona and Utah modify various licensing provisions
On March 24, the Arizona governor signed HB 2612, which eliminates requirements for there to be a finding on whether an applicant is law abiding, honest, trustworthy, and of good moral character in order to be eligible for a license, permit, or certification. This applies to bank or in-state financial institution acquisitions, banking, consumer lenders, trust companies, escrow agents, mortgage brokers, mortgage bankers, commercial mortgage brokers, loan originators, financial institution holding companies, premium finance companies, real estate appraisers and appraisal management companies, among others. The bill also makes other technical and conforming changes and takes effect 90 days after adjournment of the legislature.
Earlier, on March 23, the Utah governor signed HB 69, which modifies various licensing provisions under the state’s Residential Mortgage Practices and Licensing Act. The bill also makes various amendments under the Real Estate Licensing and Practices Act related to licensing, fees, and disciplinary actions. Among other things, the bill amends the general qualifications of licensure to make residential mortgage loans, including provisions related to mandatory education requirements for both state applicants and applicants licensed in other states and criminal background checks. Specifically, the bill removes a provision that states a “license is immediately and automatically revoked if the criminal background check discloses the applicant fails to accurately disclose a criminal history involving: (A) the real estate industry; or (B) a felony conviction on the basis of an allegation of fraud, misrepresentation, or deceit.” Additional amendments authorize the commission to impose sanctions against licensees and unregistered persons that were found to be in violation of a provision of the act; discuss the process for filing a written request for the vacation of a license revocation; address pending transactions should the death of a principal broker occur; and remove provisions regarding the payment of certain expenses and costs. The bill takes effect 60 days after adjournment of the legislature.