Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
English Litigation Continues as Mulvaney Delays CFPB Enforcement Cases and Lawmakers Begin New Payday CRA Action
On December 6, Deputy Director of the CFPB, Leandra English, filed an amended complaint for declaratory and injunctive relief and a motion for preliminary injunction with a supporting memorandum. In her amended complaint, English adds, among other things, a constitutional claim alleging that President Trump’s appointment of Mulvaney violates Article II, section 2 of the U.S. Constitution, which empowers the President to appoint “Officers of the United States,” subject to “the Advice and Consent of the Senate.” According to English, since Mulvaney was appointed without Senate approval and the Federal Vacancies Reform Act (FVRA) allegedly does not provide the President with a separate authority, President Trump does not have the constitutional authority to appoint Mulvaney in the manner he chose.
The amended complaint also alleges that the appointment of Mulvaney under the FVRA is illegal because that act cannot be used to make an appointment to an “independent multi-member board or commission without Senate approval,” and the CFPB Director is, by law, a member of the FDIC’s board. This argument mirrors the argument made in a new complaint filed on December 5 by a New York-based credit union against President Trump and Acting CFPB Director Mick Mulvaney in the U.S. District Court for the Southern District of New York to contest the legality of Mulvaney’s appointment. The defendants have yet to respond to the credit union’s complaint.
With respect to English’s litigation, the defendants are set to respond to the motion for preliminary injunction, which builds off the arguments in the amended complaint, by December 18, and a hearing on the motion is set for December 22.
Mulvaney has continued his work as Acting Director at the CFPB. On December 4, according to sources, he met with reporters to announce his decision to delay at least two active litigation cases as part of his plan to reevaluate the Bureau’s enforcement and litigation practices. The first case concerns a district court dispute between the Bureau and an immigration bond company over whether the CFPB has the authority to enforce a civil investigative demand for personal information about the company’s customers. The second case involves Mulvaney’s decision to withdraw the Bureau’s demand that a mortgage payment company post bond after being ordered to pay a $7.9 million civil money penalty (see previous InfoBytes coverage here). Mulvaney’s December 4 statements also included a freeze on the Bureau’s collection of consumers’ personally identifiable information. These actions follow directions issued by Mulvaney during his first week at the Bureau as previously covered by InfoBytes here.
Mulvaney has also suggested that he would not seek to repeal the Bureau’s final rule concerning payday loans, vehicle title loans, deposit advance products, and longer-term balloon loans but expressed his support for resolution H.J. Res. 122, which was introduced December 1 by a group of bipartisan lawmakers to override the rule under the Congressional Review Act (CRA). The final rule is set to take effect January 16, 2018, but compliance is not mandatory until August 19, 2019. A press release issued by the House Financial Services Committee in support of the resolution stated, “small-dollar loans are already regulated by all 50 states, the District of Columbia and Native American tribes. The CFPB’s rule would mark the first time the federal government has gotten involved in the regulation of these loans.”
On December 5, the Government Accountability Office (GAO) issued a letter to Senator Pat Toomey (R-Pa.) stating that CFPB Bulletin 2013-02 (Bulletin) on indirect auto lending and compliance with the Equal Credit Opportunity Act (ECOA) is a “general statement of policy and a rule” that is subject to override under the CRA. According to GAO, the CRA’s definition of a “rule” includes both traditional rules, which typically require notice to the public and an opportunity to comment, and general statements of policy, which do not. GAO concluded that the Bulletin meets this definition “since it applies to all indirect auto lenders; it has future effect; and it is designed to prescribe the Bureau’s policy in enforcing fair lending laws.” GAO’s decision may allow Congress to repeal the four year old Bulletin through a House and Senate majority vote under the CRA, followed by the President’s signature. Sen. Toomey issued a statement saying, “I intend to do everything in my power to repeal this ill-conceived rule using the [CRA].”
Additionally, and as expected, on December 5, former Director Richard Cordray officially announced his candidacy for governor of Ohio.
In his first week at the Bureau, Mulvaney ordered freezes on hiring and any new regulations for 30 days, and also announced a halt to payouts from the enforcement fund. It is also reported that Mulvaney has put new enforcement actions on hold as he reviews on-going matters. Additionally, on December 1, the White House appointed Brian Johnson, an aide to House Financial Services Committee Chairman Jeb Hensarling (R-Texas), to assist Mick Mulvaney in his role as the Acting Director of the CFPB. Johnson was a featured speaker at Buckley Sandler’s CFPB Today conference at the end of October.
As previously covered by InfoBytes, Judge Timothy Kelly, denied CFPB Deputy Director Leandra English’s request for a temporary restraining order preventing Mulvaney from acting as the Acting Director. English is expected to continue the litigation; a briefing schedule is due in the case by December 1.
On November 21, a ride-sharing company disclosed via press release a 2016 data breach that exposed the personal data of 57 million riders and drivers. According to the company, an outside forensic investigation revealed that in October 2016 hackers obtained approximately 600,000 driver names and license numbers, along with rider names, email addresses, and mobile phone numbers. The company claimed that hackers did not obtain driver or passenger social security, credit card, bank account, birth date, or trip location information. Though the company stated that it has taken action to address the delay in notifying affected individuals and regulators, lawsuits filed by the State of Washington and the City of Chicago claim that the company capitulated to hackers’ demands and “paid the hackers to delete the consumer data and keep quiet about the breach.”
According to a letter from the company to the Washington attorney general attached to the state’s complaint, the company “is taking personnel actions with respect to some of those involved in the handling of the incident.” The company further stated that it has “implemented and will implement further technical security measures, including improvements related to both access controls and encryption.”
According to sources, three separate class action lawsuits have been filed against the company as a result of the 2016 breach (see here, here, and here) and five attorneys general (New York, Illinois, Connecticut, Massachusetts, and Missouri) have launched investigations.
The 2016 data breach follows a settlement in January of that year with the New York Attorney General related to allegations that the company failed to promptly disclose a 2014 data breach. The 2014 data breach involved an alleged failure to prevent unauthorized access to the company’s consumer and driver data maintained on a third-party cloud service provider. As previously reported in InfoBytes in August, the company reached a settlement with the FTC related to the 2014 data breach; however, that settlement was entered into before the company disclosed the existence of the 2016 breach.
In a related development, on November 27, the U.S. District Court for the Northern District of California dismissed without prejudice a putative class action lawsuit against the company related to the 2014 data breach. The court held that the driver’s name, license number, and limited banking information disclosed in the breach was not the type of personally identifiable information that could expose plaintiffs to the risk of identity theft. Accordingly, the court dismissed the case for lack of Article III standing. The court also granted plaintiffs a final opportunity to amend their complaint to address the standing deficiencies.
On November 28, Judge Timothy Kelly denied a request by Leandra English, who was appointed Deputy Director of the CFPB by Richard Cordray on the same day as his resignation, for a temporary restraining order preventing the President from appointing anyone other than English as Acting Director and preventing Mick Mulvaney from serving as the Acting Director (see previous InfoBytes coverage for details).
English’s counsel, in remarks to reporters outside the courtroom, stated they may seek an appeal, may move for a preliminary injunction, or may move for an expedited final decision on the merits.
On November 26, the newly appointed Deputy Director of the CFPB, Leandra English, filed a lawsuit in U.S. District Court for the District of Columbia against President Trump and Mick Mulvaney, the Director of the Office of Management and Budget (OMB), seeking declaratory judgments that English is the Acting Director of the CFPB – and Mulvaney is not – as well as emergency temporary restraining orders preventing the President from appointing anyone other than English as Acting Director and preventing Mulvaney from acting as the Acting Director.
The legal action results from the November 24 resignation of Richard Cordray as the Director of the CFPB and his naming of English as the Bureau’s Deputy Director (previously covered by a Buckley Sandler Special Alert) citing to section 1011(b)(5) of the Dodd-Frank Act (DFA), which provides that the CFPB’s Director may appoint the Deputy Director who “shall…serve as acting Director in the absence or unavailability of the Director.” Following Cordray’s official resignation, the White House issued an announcement appointing Mulvaney as Acting Director under the Federal Vacancies Reform Act of 1998 (FVRA).
On November 25, the Department of Justice (DOJ) Office of Legal Counsel released a memorandum in support of the President’s authority to designate Mulvaney as the Acting Director of the Bureau under the FVRA. According to the DOJ, while Congress recognized there would be cases in which FVRA was not the “exclusive means” for succession, Congress did not intend for the FVRA to be “unavailable” when another statute provides an alternative for succession. Accordingly, the DOJ asserts that, notwithstanding the succession provision in the DFA, FVRA gives the President the authority to, “rely upon it in designating an acting official in a manner that differs from the order of succession otherwise provided by an office-specific statute.” In her complaint, English argues that the succession provision in the DFA controls over the FVRA and that the appointment of a White House official is inconsistent with the CFPB’s independent structure.
Similarly, on November 25, the General Counsel for the CFPB, Mary Mcleod, issued a statement to the senior leaders of the Bureau concurring with the DOJ’s conclusion that “the President may use the [FVRA] to designate an acting official, even when there is a succession statute under which another official may serve as acting.” Mcleod concluded that Mulvaney is the Acting Director of the CFPB and encouraged all Bureau staff to act consistently with that conclusion.
Oral arguments on English’s emergency motion were held on November 27 by Judge Timothy Kelly, a Trump appointee. Judge Kelly did not rule on the motion and granted the government’s request to file papers responding to English’s arguments.
On November 14, the U.S. Court of Appeals for the Second Circuit reversed a Southern District of New York dismissal of a lawsuit against a debt collection law firm regarding actions taken during state court collection proceedings. Concluding that the plaintiff had stated a claim against the law firm under two sections of the Fair Debt Collection Practices Act (FDCPA), a three-judge panel vacated the dismissal and remanded for further proceedings consistent with its decision.
The appeal stems from the law firm’s actions in attempting to collect on a default judgment entered against the plaintiff. After receiving a restraining notice from the law firm, the plaintiff’s bank placed a restraint on his checking account and the law firm told plaintiff that, unless he made a payment, he would have to get a court order to lift the restraint. The plaintiff sought such an order on the grounds that all the money in his checking account was Social Security Retirement Income (SSRI) and, therefore, exempt from restraint. The plaintiff claimed that the law firm’s objection to his request contained false statements in violation of the FDCPA and New York law because the plaintiff had earlier provided the law firm with documents supporting his exemption claim.
In finding the complaint states a claim under FDCPA section 1692e, the Court rejected, among other arguments made by the law firm, the notion that FDCPA liability cannot be imposed based on conduct in litigation; the opinion contrasts bankruptcy court proceedings—where the Second Circuit has found the filing of false statements of claim does not violate the FDCPA—with those of state courts, “where . . . the consumer, often unfamiliar with the law governing garnishment of bank accounts, has the benefit of neither counsel nor a bankruptcy trustee.” The Court also held that “a debt collector engages in unfair or unconscionable litigation conduct in violation of [FDCPA] section 1692f when . . . it in bad faith unduly prolongs legal proceedings or requires a consumer to appear at an unnecessary hearing.”
CFPB Initiates Complaint Against Company for Deceptive, Unfair, and Abusive Loan Collection Practices
On November 15, the CFPB announced it had filed a complaint against a Texas-based service provider, alleging that it had assisted in the collection of loans that were, in whole or in part, void under state law. The complaint filed in the U.S. District Court for the District of Montana alleges that the service provider, which provided services to three tribal lending entities engaged in the business of extending online installment loans and lines of credit, along with two companies responsible for the collection process (collectively defendants), assisted in the collection of loans that consumers were not legally obligated to pay based on identified states’ usury laws or licensing requirements. Although the specific claims vary by defendant, the complaint alleges that the defendants engaged in deceptive, unfair, and abusive acts and practices in violation of the Consumer Financial Protection Act (CFPA) by:
- misrepresenting that consumers were responsible for money owed on loans that were void in whole or in part, or did not exist, because the loans were void under state licensing or usury laws (voided loans);
- demanding repayment from consumers on voided loans by issuing “demand letters,” electronically debiting funds from consumer bank accounts, and placing phone calls to consumers;
- failing to disclose to consumers that defendants had no legal right to collect on certain voided loans and that consumers were not legally obligated to repay the loans;
- causing injury to consumers by servicing and collecting on the voided loans;
- taking advantage of consumers’ “lack of understanding” regarding the voided loans; and
- providing assistance in, or administering, the origination and collection of the voided loans.
The CFPB is seeking monetary relief, civil money penalties, injunctive relief, and a prohibition of the service provider’s ability to commit future violations of the CFPA.
On November 9, the CFPB filed a brief with the Supreme Court opposing the petition for a writ of certiorari submitted by online tribal lending entities. The lenders are challenging a January decision by the Ninth Circuit Court of Appeals, which ordered the entities to comply with a CFPB investigation (previously covered by Infobytes). The litigation stems from the issuance of a civil investigative demand (CID) by the CFPB to online lending entities owned by Native American tribes. The entities argue that due to tribal sovereignty, the CFPB does not have jurisdiction over the small-dollar lending services in question. The district court and the Ninth Circuit concluded that the Consumer Financial Protection Act (CFPA) did not expressly exclude tribes from the CFPB’s enforcement authority and therefore, the entities cannot claim tribal sovereign immunity.
In its brief opposing the certiorari petition, the CFPB argues that the Ninth Circuit’s holding does not conflict with any prior Supreme Court or court of appeals decision, making further review unwarranted. The CFPB also argues, among other things, that Supreme Court review is unnecessary because “[t]he question at this juncture is solely whether the Bureau may obtain information from petitioners pursuant to a CID,” not “whether petitioners are subject to the Bureau’s regulatory authority.”
On November 7, the Northern District Court of California upheld a $60 million jury verdict against a credit reporting agency regarding the use of its OFAC Alert (previously covered by InfoBytes). The verdict stems from a 2012 class action lawsuit in which the plaintiffs alleged that the defendant had failed to distinguish law-abiding citizens from drug traffickers, terrorists, and other criminals with similar names found on the Treasury Department’s OFAC database. Following the defendant's motion for judgment as a matter of law or a new trial, the district court agreed with the jury’s findings that the defendant (i) “willfully fail[ed] to follow reasonable procedures to assure the maximum possible accuracy of the OFAC information it associated with members of the class’’; (ii) “willfully failed to clearly and accurately disclose OFAC information in the written disclosures it sent to members of the class”; and (iii) “failed to provide class members a summary of their FCRA rights with each written disclosure made to them.”
District Court Denies Summary Judgement to Both Parties, Cites Issue of Material Fact Concerning Prepopulated Electronic Signature
On October 18, a federal judge in the U.S. District Court for the District of South Carolina denied summary judgment to both parties because there was a genuine issue of material fact regarding whether a “meaningful offer” of underinsured motorist coverage (UIM) was made. The insured’s electronic signature on the UIM form would indicate that the defendant made a “meaningful offer” of UIM coverage, as required under South Carolina law, and such coverage was rejected. The dispute however, in this case was about whether the electronic signature was prepopulated by the defendant.
Plaintiff purchased an auto insurance policy from the defendant online, and the coverage did not include UIM coverage. Plaintiff argued that he never signed the UIM coverage provision and that instead, his signature was prepopulated by the defendant’s website. The plaintiff argued that his prepopulated signature did not satisfy the requirements for a meaningful offer of UIM coverage. The defendant rebutted by stating that prepopulating portions of the UIM form is compatible with providing a meaningful offer of UIM coverage. The court was “disinclined to agree” with the defendant’s argument that a “prepopulated signature that appears on an insurance policy before the insured reads through and signals affirmative consent. . .fulfills” the UIM requirements. After reviewing the record, which was limited to screenshots produced by the plaintiff (as the defendant’s attempt to proffer additional system-based evidence was refused by the court because the defendant previously objected to producing it during discovery), the court concluded that it could not grant summary judgment to either party because of the factual dispute regarding whether the plaintiff signed the UIM provision.
- Benjamin W. Hutten to discuss "BSA program reporting, management and board of directors responsibilities" at the Georgia Bankers Association BSA Experience Program
- Hank Asbill to discuss "Ethical guidance in conducting internal investigations – The intersection of Yates and Upjohn" at the American Bar Association Southeastern White Collar Crime Institute
- H Joshua Kotin to discuss "Recent developments in fair lending and avoiding the pitfalls" at the Arkansas Community Bankers/Bankers Assurance 2019 Compliance Conference
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Daniel P. Stipano to discuss "Risk management in enforcement actions: Managing risk or micromanaging it" at the American Bar Association Business Law Section Annual Meeting
- Valerie L. Hletko to discuss "Banking on guns ‘n drugs: Social policy meets financial services" at the American Bar Association Business Law Section Annual Meeting
- Daniel P. Stipano to discuss "Navigating the conflicting federal and state laws for doing business with cannabis companies" at the American Bar Association Business Law Section Annual Meeting
- Tim Lange to discuss "Services and value" at the North American Collection Agency Regulatory Association Annual Conference
- Katherine L. Halliday to discuss "UDAP, UDAAP & the Map rule compliance basics" at the Mortgage Bankers Association Regulatory Compliance Conference
- Amanda R. Lawrence to discuss "Data privacy litigation" at the Mortgage Bankers Association Regulatory Compliance Conference
- Brandy A. Hood to discuss "How to ace your TRID exam" at the Mortgage Bankers Association Regulatory Compliance Conference
- Melissa Klimkiewicz to discuss "Navigating FHA rules and regs" at the Mortgage Bankers Association Regulatory Compliance Conference
- Jeffrey P. Naimon to discuss "Washington regulatory overview" at the Mortgage Bankers Association Regulatory Compliance Conference
- Jonice Gray Tucker to discuss "HMDA data is out, now what?" at the Mortgage Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Kathryn L. Ryan to discuss "The state’s role in fintech: Providing an industry framework for innovation" at Lend360
- Jeffrey P. Naimon to discuss "Truth in lending" at the American Bar Association National Institute on Consumer Financial Services Basics
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions" at the Institute of International Bankers Risk Management and Regulatory Examination/Compliance Seminar
- Jonice Gray Tucker to discuss "Fintech regulatory developments, crypto-assets, blockchain and digital banking, and consumer issues" at the Practising Law Institute Banking Law Institute
- Amanda R. Lawrence to discuss "How to balance a successful (and stressful) career with greater personal well-being" at the American Bar Association Women in Litigation Joint CLE Conference