Skip to main content
Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations


Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • Payment processor fined $75k, partner owes $243M in CFPB suit


    On July 31, the District Court for the Central District of California entered judgment in favor of the court-appointed receiver for defendants against the non-party provider of payment processing and escrow services to defendants and its managing member in the amount of $75,000, following a July 10 order requiring defendant to pay $243 million in redress and civil penalties. These judgments were entered in connection with the lawsuit filed by the CFPB, along with the Minnesota and North Carolina attorneys general, and the Los Angeles City Attorney, against a student loan debt relief operation for allegedly deceiving thousands of student-loan borrowers and charging more than $71 million in unlawful advance fees (covered by InfoBytes here).

    The defendant companies and one of the controlling business partners settled in 2020, but the court ordered the remaining controlling business partner to pay $243 million in redress and civil penalties earlier in July based on his involvement in violating various laws through the operation, including the TSR and the CFPA. Of the $243 million, the CFPB is entitled to over $95 million as redress for unlawful fees paid by consumers affected by the student loan debt relief operation and nearly $148 million of civil money penalties, and Minnesota, North Carolina, and California are each entitled to $5,000 of civil money penalties. The recent judgment of $75,000 entered against the non-party payment processing service provider resulted from the settlement of a separate lawsuit alleging that the service provider facilitated the fraud perpetuated by the defendants in the student loan debt relief operation and later attempted to deceptively transfer consumer funds held by defendants to avoid their transfer to the receiver.

    Courts CFPB Student Lending Debt Relief Payment Processors California Minnesota North Carolina State Attorney General CFPA TSR

  • CFPB levies $25 million penalty for EFTA violations

    Federal Issues

    On June 27, the CFPB entered a consent order against a Nebraska-based payment processor and its Delaware-based subsidiary for alleged violations of the EFTA (Regulation E), and the Consumer Financial Protection Act’s prohibition against unfair acts and practices. According to the Bureau, in 2021 the respondent’s employees allegedly used sensitive consumer financial information while conducting internal testing, without employing the proper information safety protocols. The internal tests allegedly created payment processing files that were treated as containing legitimate consumer bill payment orders. According to the Bureau, the erroneous bill payment orders were allegedly sent to consumers’ banks for processing, which resulted in approximately $2.3 billion in mortgage payments being debited from nearly 500,000 borrower bank accounts without their knowledge or authorization. The Bureau alleged in its order that some consumers accounts were depleted, “depriving Affected Consumers of the use of their funds, including by being prevented from making purchases or completing other legitimate transactions, and many were charged fees, including fees for insufficient funds or overdrawn accounts.” While neither admitting nor denying any of the allegations, the respondent has agreed to pay a $25 million penalty, stop activities the Bureau deemed unlawful, and adopt and enforce reasonable information security practices.

    Federal Issues CFPB Enforcement Consumer Finance Mortgages Payment Processors Fintech Unfair UDAAP EFTA CFPA

  • FTC, DOJ sue payment processor for tech support scams

    Federal Issues

    On April 17, the DOJ filed a complaint on behalf of the FTC against several corporate and individual defendants for violating the FTC Act and the Telemarketing Sales Rule (TSR) by allegedly engaging in credit card laundering for tech support scams. (See also FTC press release here.) According to the complaint, since at least 2016, the defendants—a payment processing company and several of its subsidiaries, along with the company’s CEO and chief strategy officer—worked with telemarketers who made misrepresentations to consumers about the performance and security of their computers through the use of deceptive pop ups in order to sell technical support scams. Defendants’ involvement included assisting and facilitating the illegal sales and laundering the credit card charges through their own merchant accounts (thus giving the scammers access to the U.S. credit card network) where defendants received a commission for each charge. The complaint maintained that the defendants “engaged in this activity even though it and its officers knew or consciously avoided knowing that its tech support clients were engaged in deceptive telemarketing practices.”

    The proposed court orders (see here, here, and here) each impose monetary judgments of $16.5 million and (i) prohibit the defendants from engaging in credit card laundering through merchant accounts; (ii) require the defendants to screen and monitor any high-risk clients and take action if clients should charge consumers without authorization or violate the TSR; and (iii) prohibit the defendants from engaging in payment processing or assisting tech support companies that engage in false or unsubstantiated telemarketing or advertising. According to the DOJ’s announcement the defendants will be required to pay a combined total of $650,000 in consumer redress. This payment will result in the suspension of the total monetary judgment of $49.5 million due to the defendants’ inability to pay.

    Federal Issues FTC DOJ Enforcement Payment Processors Credit Cards FTC Act Telemarketing Sales Rule Credit Card Laundering

  • Massachusetts settles with debt payment processor

    State Issues

    On November 7, the Massachusetts attorney general announced a settlement with a payment processing company to resolve claims that it provided substantial assistance to a debt settlement provider engaged in unlawful business practices that charged consumers premature and inflated fees in violation of state and federal law. According to an assurance of discontinuance filed in Suffolk Superior Court, the company processed settlement and fee payments for consumers enrolled in various debt settlement programs, including those offered by a debt settlement provider that was previously fined $1 million by the AG’s office for allegedly harming financially-distressed consumers. (Covered by InfoBytes here.) The newest settlement resolves claims that the company transferred unlawful fee payments to the debt settlement provider despite having knowledge of the alleged misconduct and even after the provider was sued by the AG’s office. Without admitting any facts, liability, or wrongdoing, the company has agreed to pay $600,000 to the Commonwealth, and will, according to the announcement, “make meaningful business practice changes that would prevent it from transferring untimely fees from any Massachusetts consumer account to any debt settlement company.”

    State Issues State Attorney General Massachusetts Debt Settlement Payment Processors Consumer Finance Fees Enforcement

  • CFPB sues payment processor over junk fees and dark patterns

    Federal Issues

    On October 18, the CFPB filed a complaint against a Texas-based payment processing service platform (primarily related to collecting and processing event fees) for allegedly violating the Consumer Financial Protection Act (CFPA) and the EFTA by engaging in deceptive and abusive acts and practices. The Bureau alleged that the defendant enrolled consumers in, and charged them, for discount club memberships without their consent that were largely unrelated to the event the consumers were signing up for. The complaint noted that although the defendant’s memberships had a 30-day free “negative option trial membership,” the memberships automatically begin charging the membership fees at the end of the trial period. The Bureau also alleged that the defendant deployed dark patterns, which “are hidden tricks or trapdoors that companies build into their websites to get consumers to inadvertently click links, sign up for subscriptions, or purchase products or services.” The Bureau further alleged that the defendant violated the EFTA and Regulation E by increasing consumers’ membership fees without sending the consumer written notice of the new amount and the date of the new payment at least 10 days before initiating the new payment, which also constitute violations of the CFPA. The Bureau is seeking permanent injunctive relief, damages, restitution, disgorgement, civil money penalties, and other relief.

    According to a statement by CFPB Director Rohit Chopra, the Bureau is “closely watching whether financial services firms are deploying digital dark patterns,” and is “looking at a range of ways to reduce unwanted junk fees.” He also added that the Bureau is “working to ensure our payments system is working safely and fairly” and that it “will continue to look at how payment platforms extract data and fees from their users.”

    Federal Issues CFPB Enforcement Junk Fees Dark Patterns CFPA EFTA UDAAP Consumer Finance Payment Processors

  • District Court approves $84 million payment processing settlement


    On August 17, the U.S. District Court for the District of Nebraska granted final approval of an $84 million class action settlement resolving allegations that a payment processing company’s billing practices overcharged merchants. Class members retained the company to process credit card payments and claimed that the company allegedly charged fees that did not align with the terms of their contracts. Class members accused the company of Racketeer Influenced and Corrupt Organizations Act violations, breach of contract, and fraudulent concealment related to allegations that the company assessed noncompliance fees, increased contractual credit card discount rates, and shifted credit card transactions from lower-cost rate tiers to higher-cost rate tiers. Under the terms of the settlement, the company will pay up to $84 million into a settlement fund, which will provide cash benefits to class members and cover administrative costs, attorney fees, and other expenses.

    Courts Class Action Payment Processors Consumer Finance RICO Settlement

  • FTC brings action against payment processor for misleading small businesses

    Federal Issues

    On July 29, the FTC announced a settlement with a payment processing company and two of its sales affiliates (collectively, “defendants”) to resolve claims that they “trapp[ed] small businesses with hidden terms, surprise exit fees, and zombie charges.” The FTC alleged that the defendants made false claims about fees and cost savings, including “false and baseless claims about their processing services” to lure merchants, many of whom had limited English proficiency. According to the complaint, once merchants were enrolled, the defendants allegedly withdrew funds from their accounts without their consent and made it difficult and expensive for them to cancel the service. The complaint also alleged that the defendants violated the Restore Online Shoppers’ Confidence Act (ROSCA) by failing to disclose material terms, by charging consumers without their express informed consent, and by failing to provide a simple mechanism for consumers to cancel the agreements.

    Under the terms of the proposed settlement, the defendants are, among other things, prohibited from making misrepresentations, making unsubstantiated claims, and using unfair debiting practices. The defendants will also be prohibited from making withdrawals from any of their customers’ bank accounts without authorization. The defendants must pay $4.9 million to the FTC, which will be used to provide refunds to affected businesses.

    Federal Issues FTC FTC Act Enforcement ROSCA Payment Processors UDAP

  • UK's FCA secures £2,000,000 account forfeiture order against fintech start up

    Federal Issues

    On April 21, the UK’s Financial Conduct Authority (FCA) secured a £2,000,000 account forfeiture consent order against a fintech startup that purportedly offers due diligence and underwriting services. The FCA noted that the funds were supposedly an investment received from a software firm, but observed that the fintech company moved the money repeatedly to different bank accounts in several countries in transactions with no legitimate business purpose. The funds, which the FCA had already frozen in October and December 2020, were allegedly “the proceeds of illegal activity connected to criminal proceedings in the United States of America concerning an alleged conspiracy to commit wire fraud against banks, credit card companies and other financial service providers in the USA.” While the FCA is not alleging that the fintech company was involved in the conspiracy, it flagged concerns in response to the company’s application to become a regulated firm. The company has since withdrawn its application to be regulated by the FCA.

    Federal Issues Of Interest to Non-US Persons UK FCA DOJ UK Payment Processors Fintech Forfeiture Order

  • FTC fines payment processor $2.3 million for helping online discount clubs bilk consumers

    Federal Issues

    On March 10, the FTC reached a settlement with a payment processing company and two senior officers (collectively, “defendants”) whereby the company would pay $2.3 million in restitution as part of their role in allegedly helping the operators of a group of marketing entities enroll consumers into online discount clubs and debit more than $40 million from consumers’ bank accounts for membership without their authorization. As previously covered by InfoBytes, the FTC’s 2017 complaint claimed that the online discount clubs claimed to offer services to consumers in need of payday, cash advance, or installment loans, but instead enrolled consumers in a coupon service that charged initial fees ranging from $49.89 to $99.49, as well as monthly recurring fees of up to $19.95. However, the FTC’s complaint stated that “99.5 percent of the consumers being illegally charged for the ‘discount clubs’ never accessed any coupons, and that tens of thousands called the defendants to try and cancel the charges, while thousands more disputed the charges directly with their banks.” The FTC accused the defendants of providing “substantial assistance or support” in the way of payment processing services while “knowing or consciously avoiding knowing” that the actions being supported were in violation of the Telemarketing Sales Rule (TSR). The FTC further detailed how defendants ignored several indications of fraudulent activity, including the consistently high return rates generated by the discount club transactions and that a primary client of their services had already been the subject of previous FTC enforcement actions for engaging in similar conduct.

    Under the terms of the settlement, which is pending court approval, the defendants are banned from, among other things, (i) processing remotely created payment orders; (ii) processing payments on behalf of clients whose business involves outbound telemarketing, discount clubs, or offers to help consumers with payday loans; (iii) processing payments on behalf of any client that the defendants know or should know is engaging in deceptive or unfair acts or practices or violating the TSR; and (iv) processing payments for any existing or prospective clients without first conducting a reasonable screening to ensure clients are not violating federal law.

    Federal Issues FTC Enforcement Payment Processors TSR FTC Act Consumer Finance Settlement

  • DFPI addresses several MTA licensing exemptions

    Recently, the California Department of Financial Protection and Innovation (DFPI) released two new opinion letters covering aspects of the California Money Transmission Act (MTA) related to the purchase and sale of digital assets and agent of payee rules. Highlights from the redacted letters include:

    • Purchase and Sale of Digital Assets; Payment Processing Services. The redacted opinion letter examines whether the inquiring company’s client is required to be licensed under the MTA. The letter describes two types of transactions proposed to be conducted on the client’s online trading platform: (i) transactions in which customers purchase and sell digital assets from the company in exchange for fiat currency (Direct Purchase Transactions); and (ii) transactions in which merchants use the platform as a payment processor to accept digital assets from customers in exchange for non-fungible tokens (Payment Processing Transactions). DFPI concluded that the Direct Purchase Transactions do not require an MTA license because they do not “involve the sale or issuance of a payment instrument, the sale or issuance of stored value, or receiving money for transmission.” DFPI similarly concluded that the Payment Processing Transactions do not require licensure at this time because DFPI has “not yet determined that payment processing transactions involving digital assets constitute receiving money for transmission[.]” Notwithstanding, DFPI added that it has been “studying the cryptocurrency industry closely” and that “[a]t any time, the Department may determine these activities are subject to regulatory supervision. The Department may also adopt regulations or issue interpretive opinions that significantly restrict [the contemplated] business operations.”
    • Agent of Payee. The redacted opinion letter addresses whether the inquiring company’s proposed payment processing activities are exempt from the MTA’s licensing requirements. The letter explains that the company proposes to process payments related to purchases of apps through a virtual marketplace that operates on the company’s point of sale terminals. Through the virtual marketplace, customers (generally small businesses or merchants) may purchase apps that are developed and licensed to customers by third-party developers. Pursuant to a developer agreement, the company is appointed by such third-party developers to act as an “agent” of the developers “to collect and hold all Gross Revenue on [the developers’] behalf and to remit the Remittance Amount to [the developers’] Payment Account.” DFPI concluded that receiving funds from a customer for the purposes of transmitting payments to the developer “constitutes ‘receiving money for transmission.’” However, DFPI noted that these activities also satisfy the “agent of payee” exemption requirements because, pursuant to the developer agreement, the company acts as an agent of the developer, and the company’s receipt of payment satisfies “the customer’s (payor’s) obligation to the Developer for goods or services.” Accordingly, DFPI concluded that while the activities described constitute “money transmission” the company is exempt from the MTA’s licensure requirement.

    DFPI reminded the companies that its determinations are limited to the presented facts and circumstances and that any change could lead to different conclusions.

    Licensing State Issues State Regulators DFPI California Money Transmission Act Money Service / Money Transmitters Payment Processors Fintech Digital Assets Cryptocurrency California


Upcoming Events