Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FTC to permanently ban auto warranty operation
On March 24, the FTC announced that a Florida-based group of operators (defendants) faces a permanent ban from the extended automobile warranty industry and will be barred from any further involvement in outbound telemarketing. As previously covered by InfoBytes, the defendants allegedly violated the FTC Act and the Telemarketing Sales Rule by allegedly engaging in deceptive practices when marketing and selling automobile warranties. According to the FTC, the defendants, among other things, (i) misrepresented their affiliation with consumers’ car dealers or manufacturers; (ii) misrepresented warranty coverage; (iii) falsely promised consumers they could obtain a full refund if they cancelled within 30 days; (iv) used remotely created checks, which are illegal in telemarketing transactions; and (v) placed unsolicited calls to numbers on the do not call registry. The proposed stipulated order for permanent injunction, filed in the U.S. District Court for the Southern District of Florida, would require the defendants to pay a $6.6 million monetary judgment and would impose a permanent industry ban. However, the monetary judgment is largely suspended based on the defendants’ inability to pay.
2nd Circuit: CFPB funding is constitutional
On March 23, the U.S. Court of Appeals for the Second Circuit held that the CFPB’s funding structure is constitutional—splitting from the U.S. Court of Appeals for the Fifth Circuit’s decision in Community Financial Services Association of America v. Consumer Financial Protection Bureau, which concluded that Congress violated the Constitution’s Appropriations Clause when it created what that Court described as a “perpetual self-directed, double-insulated funding structure.” The U.S. Supreme Court is scheduled to review the 5th Circuit’s decision next term (covered by InfoBytes here).
Meanwhile, the 2nd Circuit concluded that it “cannot find any support” for the 5th Circuit’s determination in Supreme Court precedent, the text of the Constitution text, or in the history of the Appropriations Clause. “Because the CFPB’s funding structure was authorized by Congress and bound by specific statutory provisions, we find that the CFPB’s funding structure does not offend the Appropriations Clause,” the 2nd Circuit wrote. As such, the appellate court affirmed a 2020 district court order requiring the defendant debt collection law office to comply with a civil investigative demand issued by the Bureau in June 2017. As previously covered by InfoBytes, the CID requested information from the defendant as part of a Bureau investigation into whether debt collectors, furnishers, or other persons associated with the collection of debt and furnishing of information have engaged or are engaging in unfair, deceptive, or abusive acts or practices in violation of the CFPA, FDCPA, and FCRA. The defendant objected on several grounds, including that the CID was void ab initio under Seila Law LLC v. CFPB (the defendant contended that “the CFPB Director was shielded from presidential oversight by an unconstitutional removal provision at the time the CID was issued”), and that the Bureau is unconstitutionally funded. As noted in the opinion, the Bureau ratified the CID and the enforcement action against the defendant following the Supreme Court’s decision in Seila Law, and the district court ultimately granted the Bureau’s petition to enforce the CID.
On review, the 2nd Circuit affirmed the district court’s order, concluding that the CID was not void ab initio because “there is no dispute that the CFPB Director who issued the CID was properly appointed.” The appellate court pointed to the majority opinion in the Supreme Court’s decision in Collins v. Yellen (covered by InfoBytes here), which held that “‘an unconstitutional removal restriction does not invalidate agency action so long as the agency head was properly appointed[,]’” and therefore the Bureau’s actions are not void and do not need to be ratified, unless a plaintiff can show that “the agency action would not have been taken but for the President’s inability to remove the agency head.” The panel further noted that “[s]ince the CID was issued, there have been three different CFPB Directors appointed by two different presidents, each of whom has been subject to at-will removal at some point in their tenure. There is nothing to suggest that the Director’s removal protection affected the issuance of the CID or the investigation into [the defendant].” The 2nd Circuit further concluded that “the CFPB’s funding structure is not constitutionally infirm under either the Appropriations Clause or the nondelegation doctrine, and that the CID served on [the defendant] is not an unduly burdensome administrative subpoena.”
9th Circuit: Law firm did not violate FCRA by accessing credit report
On March 17, the U.S. Court of Appeals for the Ninth Circuit affirmed a district court’s grant of summary judgment in favor of a defendant law firm that allegedly accessed a plaintiff’s credit report to obtain her current address after it was hired to collect unpaid homeowner association (HOA) assessments. The plaintiff filed a class action lawsuit claiming, among other things, that the defendant violated the FCRA by accessing her credit report without her consent and that neither the HOA nor the defendant are creditors within the meaning of the FCRA. The district court disagreed, concluding that the HOA was in fact a creditor for purposes of the FCRA. “Under the [a]greement, the HOA determines the assessment amount for a full year and then makes it payable in installments over the course of the year. Thus, it regularly extends credit,” the district court wrote, explaining that because the HOA is a creditor, its attorneys, in collecting on the account, have the right to review a consumer’s credit report without consent. Moreover, the district court determined that the defendant had established the requisite “direct link” between the credit transaction and its request for the plaintiff’s credit report.
The 9th Circuit concluded that the “[d]efendant’s reading of the statute was not objectively unreasonable” because the plaintiff “had a grace period during which she could receive half a month’s services that she had not yet paid for,” which “could be considered an extension of credit.” While concurring with the panel, one of the judges commented, however, that “[i]t is hard to imagine that Congress intended FCRA, a statute that protects consumer privacy, to empower HOAs composed of neighboring homeowners to run their neighbors’ credit reports if homeowners fall two weeks behind in their payments.” The judge recommended that the appellate court “revisit the issue,” noting that it is unclear under current case law whether an HOA assessment qualifies as a “credit transaction” under the FCRA.
District Court: Failure to investigate duplicate reporting dispute could violate the FCRA
On March 10, the U.S. District Court for the Southern District of Illinois ruled a defendant credit union failed to properly report an individual’s debt to a consumer reporting agency or investigate his dispute. Plaintiff obtained a credit card from the defendant but fell behind on his payments. After his account was later sent to a third-party collection agency, the plaintiff obtained a copy of his credit report where he noticed that his credit card debt was listed twice—once as a “individual” and “revolving” account with a balance of $10,145, and another time as an “open” collections account with a different balance. Plaintiff sent identical dispute letters to the three major credit reporting agencies (CRAs), acknowledging the delinquent credit card but expressing confusion as to why the account was listed twice. He submitted additional similar disputes with the CRAs, claiming that the error caused him to be denied the opportunity to rent an apartment and made it difficult for him to obtain a mortgage. During discovery, two corporate witnesses testified on behalf of the defendant—one of whom is responsible for reviewing consumer credit disputes and verified the information being reported was accurate. A second witness also testified that while the defendant understood that the plaintiff was alleging inaccuracies due to the debt being reported twice, it chose to focus its investigation on verifying that the information in the plaintiff’s credit report matched the information in its internal system.
In denying the defendant’s motion for summary judgment, the court noted that while the U.S. Court of Appeals for the Seventh Circuit “has not decided whether double-reporting of a single debt on a credit report is an FCRA violation, district courts across the country have found that whether the practice is misleading and violates the FCRA is an issue of fact.” The court explained that an issue of fact exists as to whether double reporting the debt created a misleading impression that the plaintiff has two separate debts totaling $22,000 rather than a single debt of roughly $10,000. Moreover, even though the plaintiff’s dispute contained the message “duplicate,” the defendant did not address this issue nor did it request that a change be made to the plaintiff’s credit report. “A jury could reasonably conclude  that [defendant’s] investigation was inadequate under the FCRA,” the court wrote. “[W]hether [defendant’s] investigation or protocol may qualify as a willful violation giving rise to statutory or punitive damages is an issue for a jury as well.”
DOJ, CFPB: Lenders that rely on discriminatory appraisals violate the FHA and ECOA
On March 13, the DOJ and CFPB filed a statement of interest saying that a “lender violates both the [Fair Housing Act (FHA)] and ECOA if it relies on an appraisal that it knows or should know to be discriminatory.” (See also CFPB blog post here.) Pointing out that the case raises important legal questions regarding the issue of appraisal bias, the agencies explained that the DOJ has enforcement authority under both the FHA and ECOA, and the Bureau has authority to interpret and issue rules under ECOA and enforce the statute’s requirements.
The case, which is currently pending in the U.S. District Court for the District of Maryland, concerns whether an appraiser, a real estate appraisal company, and an online mortgage lender (collectively, “defendants”) violated federal and state law by undervaluing plaintiffs’ home on the basis of race and denying a mortgage refinancing application based on the appraisal. Plaintiffs, who are Black, claimed their home was appraised for a lower amount on the basis of race, and maintained that the lender denied their loan even after being told the appraisal was discriminatory. Additionally, plaintiffs claimed that after they replaced family photos with pictures of white people and had a white colleague meet a new appraiser, that appraiser appraised the house for $750,000—a nearly 60 percent increase despite there not being any significant improvements made to the house or meaningful appreciation in the value of comparable homes in the market.
The defendant appraiser filed a counterclaim against the plaintiffs providing technical arguments for why he valued the home at $472,000, including that the property next door was listed for $500,000, but was later reduced to $475,000, only 10 days after he completed the appraisal. He further claimed that the second appraisal failed to include that property as a comparison and relied on home sales that had not happened as of the time of the first appraisal. The lender argued that it should not be held liable because it was relying on a third-party appraiser and that “it can be liable only if it took discriminatory actions that were entirely separate from [the appraiser’s].”
While the statement does not address the issue of vicarious liability, the DOJ and CFPB asserted that lenders can be held liable under the FHA and ECOA for relying on discriminatory appraisals. They explained that it is “well-established that a lender is liable if it relies on an appraisal that it knows or should know to be discriminatory.” The statement also provided that for disparate treatment claims under the FHA and ECOA, “plaintiffs need only plead facts that plausibly allege discriminatory intent.” The agencies also argued that a violation of Section 3617 of the FHA (which includes “a prohibition against retaliating in response to the exercise of fair housing rights”) “does not require a ‘predicate violation’ of the FHA.
District Court approves $1.75 million data breach settlement
On March 3, the U.S. District Court for the Central District of California granted final approval of a $1.75 million class action settlement resolving allegations related to a 2020 data breach that compromised nearly 100,000 individuals’ personally identifiable information, including financial information, social security numbers, health records, and other personal data. The affected individuals are students, parents, and guardians who were enrolled in a system used to manage student data in a California school district. According to class members, by failing to adequately safeguard users’ login credentials and by failing to timely notify individuals of the breach, the company violated, among other things, California’s unfair competition law, the California Customer Records Act, and the California Consumer Privacy Act.
Under the terms of the settlement, the company is required to pay a non-reversionary settlement amount of $1.75 million, which will be used to compensate class members and pay for attorney fees and costs, service awards, and administrative expenses. Additionally, as outlined in the motion for preliminary approval of the class action settlement, class members are eligible to submit claims for “ordinary losses” (capped at $1,000 per person), as well as “extraordinary losses” (capped at $10,000 per person). Ordinary losses include expenses such as bank fees, long distance phone charges, certain cell phone charges, postage, gasoline for local travel, “[f]ees for additional credit reports, credit monitoring, or other identity theft insurance products,” and up to 40 hours of time, at $25/hour, for at least one full hour used to deal with the data breach. Extraordinary losses are described as those “arising from financial fraud or identity theft” where the “loss is an actual, documented, and unreimbursed monetary loss” and is “fairly traceable to the data breach” and not already covered by another reimbursement category. Class members must also show that they made “reasonable efforts to avoid, or seek reimbursement for, the loss.” All class members will be offered 12 months of credit monitoring and identity theft protection at no cost, and the company will implement “information security enhancements” to prevent future occurrences.
Online lender asks Supreme Court to review ALJ ruling
A Delaware-based online payday lender and its founder and CEO (collectively, “petitioners”) recently submitted a petition for a writ of certiorari challenging the U.S. Court of Appeals for the Tenth Circuit’s affirmation of a CFPB administrative ruling related to alleged violations of the Consumer Financial Protection Act (CFPA), TILA, and EFTA. The petitioners asked the Court to first review whether the high court’s ruling in Lucia v. SEC, which “instructed that an agency must hold a ‘new hearing’ before a new and properly appointed official in order to cure an Appointments Clause violation” (covered by InfoBytes here), meant that a CFPB administrative law judge (ALJ) could “conduct a cold review of the paper record of the first, tainted hearing, without any additional discovery or new testimony.” Or, the petitioners asked, did the Court intend for the agency to actually conduct a new hearing. The petitioners also asked the Court to consider whether an agency funding structure that circumvents the Constitution’s Appropriations Clause violates the separation of powers so as to invalidate prior agency actions promulgated at a time when the Bureau was receiving such funding.
The case involves a challenge to a 2015 administrative action that alleged the petitioners engaged in unfair or deceptive acts or practices when making short-term loans (covered by InfoBytes here). The Bureau’s order required the petitioners to pay $38.4 million as both legal and equitable restitution, along with $8.1 million in penalties for the company and $5.4 million in penalties for the CEO. As previously covered by InfoBytes, between 2018 and 2021, the Court issued four decisions, including Lucia, which “bore on the Bureau’s enforcement activity in this case” by “deciding fundamental issues related to the Bureau’s constitutional authority to act” and appoint ALJs. During this time, two different ALJs decided the present case years apart, with their recommendations separately appealed to the Bureau’s director. The director upheld the decision by the second ALJ and ordered the lender and its owner to pay the restitution. A district court issued a final order upholding the award, which the petitioners appealed, arguing, among other things, that the enforcement action violated their due-process rights by denying the CEO additional discovery concerning the statute of limitations. The petitioners claimed that they were entitled to a “new hearing” under Lucia, and that the second administrative hearing did not rise to the level of due process prescribed in that case.
However, the 10th Circuit affirmed the district court’s $38.4 million restitution award, rejecting the petitioners’ various challenges and affirming the director’s order. The 10th Circuit determined that there was “no support for a bright-line rule against de novo review of a previous administrative hearing,” nor did it see a reason for a more extensive hearing. Moreover, the petitioners “had a full opportunity to present their case in the first proceeding,” the 10th Circuit wrote.
The petitioners maintained that “[d]espite the Court’s clear instruction to hold a ‘new hearing,’ ALJs and courts have reached divergent conclusions as to what Lucia requires, expressing confusion and frustration regarding the lack of guidance.” What it means to hold a “new hearing” runs “the gamut,” the petitioners wrote, pointing out that while some ALJs perform a full redo of the proceedings, others merely accept a prior decision based on a cold review of the paper record. The petitioners argued that they should have been provided a true de novo hearing with an opportunity for new testimony, evidence, discovery, and legal arguments. The rehearing from the new ALJ was little more than a perfunctory “paper review,” the petitioners wrote.
Petitioners asked the Court to grant the petition for three reasons: (i) “the scope of Lucia’s ‘new hearing’ remedy is an important and apparently unsettled question of federal law”; (ii) “the notion Lucia does not require a genuinely ‘new’ de novo proceeding is necessarily wrong because a sham ‘remedy’ provides parties no incentive to litigate Appointments Clause challenges”; and (iii) the case “is an ideal vehicle to provide guidance on Lucia’s ‘new hearing’ remedy.” The petitioners further argued that “Lucia’s remedy should provide parties an incentive to raise separation of powers arguments by providing them actual and meaningful relief.”
The petitioners’ second question involves whether Appropriations Clause violations that render an agency’s funding structure unconstitutional, if upheld, invalidate agency actions taken under such a structure. The petitioners called this “an important, unsettled question of federal law meriting the Court’s review,” citing splits between the Circuits over the constitutionality of the Bureau’s funding structure which has resulted in uncertainty for both regulators and regulated parties. Recently, the Court granted the Bureau’s request to review the 5th Circuit’s decision in CFSAA v. CFPB, which held that Congress violated the Appropriations Clause when it created what the 5th Circuit described as a “perpetual self-directed, double-insulated funding structure” for the agency (covered by InfoBytes here).
SEC files emergency action on $100 million crypto fraud
On March 6, the SEC announced it had filed an emergency action against a Miami-based investment adviser and one of its principals (collectively, “defendants”) in connection with a $100 million crypto asset fraud scheme. According to the SEC’s complaint, filed in the U.S. District Court for the Southern District of Florida, the defendants allegedly promised investors that their money would be primarily used to trade crypto assets and would generate returns through separately managed accounts and five private funds. The SEC alleged, however, that the defendants “disregarded the [funds’] structure, commingled investor assets, and used over $3.6 million to make Ponzi-like payments to fund investors.” Moreover, the SEC claimed that the defendants falsely represented that one of the funds received an audit opinion from a “top four auditor,” when in fact none of the funds ever received an audit opinion. The individual defendant also allegedly misappropriated investor money for personal use and provided altered documents with inflated bank account balances to a third-party administrator of some of the funds.
The SEC’s complaint alleges violations of the antifraud provisions of the federal securities laws and seeks permanent injunctions, disgorgement, prejudgment interest, and civil money penalties. The SEC is also seeking an officer and director bar and conduct-based injunction against the individual defendant. Additionally, the complaint includes a list of “relief defendants” and seeks disgorgement from each of the funds and from another entity that allegedly received approximately $12 million from the defendants and the funds. The announcement noted that the SEC successfully received an asset freeze, appointment of a receiver, and other emergency relief against the defendants.
6th Circuit: Each alleged FDCPA violation carries its own statute of limitations
On March 1, the U.S. Court of Appeals for the Sixth Circuit reversed the dismissal of a debt collection action, holding that every alleged violation of the FDCPA has its own statute of limitations. According to the opinion, the plaintiff financed a furniture purchase through a retail installment contract. While making payments on the contract, the company purportedly sold the debt to a third party. After the plaintiff defaulted on the debt, the third party—through the defendant attorney—sued the plaintiff in state court to recover the unpaid debt and attorney’s fees. After the third party eventually voluntarily dismissed the suit due to questions of whether the debt transfer was valid, the plaintiff sued the attorney for violating the FDCPA, alleging the defendant doctored the retail installment contract (RIC) to make it appear as if the debt assignment was legal. The defendant moved to dismiss the complaint as time-barred by the FDCPA’s one-year statute of limitations. The district court dismissed the case citing the complaint was filed more than a year after the third party filed the state court complaint and later denied both the plaintiff’s motion for reconsideration and the defendant’s motion for attorney’s fees. Both parties appealed.
On appeal, the 6th Circuit agreed that the plaintiff made a timely claim. Plaintiff argued that at least one of her claims fell within the one-year statute of limitations—the attorney’s filing of the updated RIC that allegedly showed the “contrived transfer” of debt—and maintained that she filed within one year of that alleged violation. The defendant countered, among other things, that the plaintiff’s claim was time-barred because it was a continuing effect of the third party’s initial filing of the state court complaint. The 6th Circuit reviewed caselaw on the “continuing-violation doctrine” and determined that the doctrine was not relevant to the case, stating that the plaintiff never invoked it because she was not “trying to sweep in acts that would otherwise be outside of the filing period,” but rather sought “redress for a single claim that is not time-barred.” The 6th Circuit emphasized that the plaintiff’s “single claim is independent of [the third party’s] initial filing of the lawsuit—not a continuing effect of it—because it is a standalone FDCPA violation.” The opinion further stated that the only date considered for the statute of limitations is the date a lawsuit is filed when subsequent FDCPA violations within that lawsuit occurred, and wrote that “[i]f we were to only consider the date [the third party] filed suit . . . we would create a rule that disregards the fact that §1629k(d) creates an independent statute of limitations for each violation of the FDCPA . . . . And if we adopted [the defendant’s] approach, we’d be saying that ‘so long as a debtor does not initiate suit within one year of the first violation, a debt collector [is] permitted to violate the FDCPA with regard to that debt indefinitely and with impunity.’”
District Court says EFTA applies to cryptocurrency
On February 22, the U.S. District Court for the Southern District of New York partially granted a cryptocurrency exchange’s motion to dismiss allegations that its inadequate security practices allowed unauthorized users to drain customers’ cryptocurrency savings. Plaintiffs claimed the exchange and its former CEO (collectively, “defendants”) failed to correctly implement a two-factor authentication system for their accounts and misrepresented the scope of the exchange’s security protocols and responsiveness. Plaintiffs filed a putative class action alleging violations of the EFTA and New York General Business Law, along with claims of negligence, negligent misrepresentation, breach of contract, breach of warranty, and unjust enrichment. The defendants moved to dismiss, in part, by arguing that the EFTA claim failed because cryptocurrency does not constitute “funds” under the statute. The court denied the motion as to the plaintiffs’ EFTA claim, stating that the EFTA does not define the term “funds.” According to the court, the ordinary meaning of “cryptocurrency” is “a digital form of liquid, monetary assets” that can be used to pay for things or “used as a medium of exchange that is subsequently converted to currency to pay for things.” In allowing the claim to proceed, the court referred to a final rule issued by the CFPB in 2016, in which the agency, according to the court’s opinion, “expressly stated that it was taking no position with respect to the application of existing statutes, like the EFTA, to virtual currencies and services.” In the final rule, the Bureau stated that it “continues to analyze the nature of products or services tied to virtual currencies.” The court dismissed all of the remaining claims, citing various pleading deficiencies, and finding, among other things, that the “deceptive acts or practices” claim under New York law failed because plaintiffs did not identify specific deceptive statements the defendants made or deceptive omissions for which the defendants were responsible.
- Keisha Whitehall Wolfe to discuss “Tips for successfully engaging your state regulator” at the MBA's State and Local Workshop
- Max Bonici to discuss “Enforcement risk and trends for crypto and digital assets (Part 2)” at ABA’s 2023 Business Law Section Hybrid Spring Meeting
- Jedd R. Bellman to present “An insider’s look at handling regulatory investigations” at the Maryland State Bar Association Legal Summit