Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • Michigan establishes provisions for credit services organizations

    State Issues

    On January 27, the Michigan governor signed HB 4411, which establishes provisions for credit service organizations. Among other things, HB 4411 prohibits persons engaged in credit service activities from (i) charging or receiving money from a buyer seeking a loan, extension of credit, or other valuable consideration before closing; (ii) charging a buyer or receiving from a buyer money or other valuable consideration before completing all agreed upon services, or “for referral to a retail seller that will or may extend credit to the buyer if the credit that is or may be extended to the buyer is substantially the same as that available to the general public”; (iii) making or using false or misleading representations, or engaging in a fraudulent or deceptive act or practice connected with the offer or sale of a credit services organization, stating that the organization has the ability to delete adverse credit history, or guaranteeing that the organization can obtain an extension of credit regardless of the buyer’s credit history; (iv) failing to perform the agreed upon services within 90 days after the contract is signed by the buyer; (v) advising a buyer to make untrue or misleading statements to certain entities, including a consumer credit reporting agency; (vi) assisting in the removal of adverse credit information that is accurate and not obsolete, or assisting a buyer in creating a new credit record using alternative personal information; and (vii) submitting buyer disputes to consumer credit reporting agencies without a buyer’s knowledge. The act is effective immediately.

    State Issues State Legislation Consumer Finance Credit Furnishing Credit Reporting Agency Credit Repair Credit Report Credit Services Business

  • Appellate Court reverses and remands FACTA action

    Courts

    On January 22, the Illinois Appellate Court, Second District, reversed the dismissal for lack of standing of a FACTA class action brought on behalf of the class by two individuals (consumers) who claimed that an entertainment company (defendant) violated the act when it printed more than the last five digits of the consumers’ payment card number on their receipts. According to the opinion, the complaint alleged that the consumers made a number of purchases from the defendant, each time receiving sales receipts with the first six digits and the last four digits of the consumers’ debit card printed on each receipt. The consumers then filed a class action suit accusing the defendant of willful violation of FACTA, and further, of knowingly or recklessly failing to adhere to the acts’ prohibition against ‘“print[ing] more than the last 5 digits of the card or the expiration date upon any receipt provided to the cardholder at the point of the sale or transaction.”’ The defendants first removed the action to federal district court, which granted the consumers’ motion to remand back to state court. The defendants then argued that: (i) the consumers lacked standing because they failed to allege an injury; and (ii) the consumers failed to allege facts showing a willful violation of FACTA. The lower court granted the defendant’s motion to dismiss as to standing on the first allegation, but did not consider the second allegation of willfulness, after which the consumers appealed.

    Upon appeal, the court reversed the lower court’s dismissal for lack of standing noting that unlike federal courts, Illinois circuit courts are vested with “jurisdiction to adjudicate all controversies,” and determined that the consumers did have standing to sue even without pleading actual injury, as an allegation of the violation was sufficient. The court stated that “when a person willfully fails to comply with FACTA’s truncation requirements, the statute provides a private cause of action for statutory damages and does not require a consumer to suffer actual damages before seeking recourse.” Additionally, the court decided that the consumers had alleged “sufficient facts” to show that defendant willfully violated FACTA. The panel remanded the case to the lower court to further consider the issues.

    Courts State Issues FACTA Enforcement Class Action Consumer Protection Appellate

  • Point-of-sale finance company enters into consent order with California DBO

    State Issues

    On January 16, the California Department of Business Oversight (DBO) and a point-of-sale finance company entered into a consent order to resolve the DBO’s allegations that the company had made loans without a license to California consumers. According to the order, the company applied for a license under the California Financing Law (CFL) in September 2019. The DBO initially denied the company’s license application on December 30, 2019 (previously covered by InfoBytes here) and issued a statement of issues explaining its reasoning. The DBO found that the company’s transactions were disguised loans subject to the CFL. The company had argued that its transactions were credit sales not subject to the CFL. Ultimately, the company agreed to resolve the matter and pay $282,000 in refunds to consumers and a $28,200 fine for unlicensed lending. Additionally, the company agreed to “cease providing loans or extensions of credit to California residents by means of purchasing credit sales contracts from merchants” and “only provide loans or extensions of credit to California residents under the authority of a license issued by the Commissioner under the CFL.” Simultaneous with the announcement of the consent order, the DBO issued the company a license.

    State Issues Consumer Finance Consumer Lending | Consumer Finance Licensing Consent Order Fintech CDBO

  • Illinois AG sues credit repair companies for deceptive practices

    State Issues

    On January 13, the Illinois attorney general announced that he filed two separate suits in the Circuit Court of Cook County against two credit repair companies and three individuals who allegedly engaged in deceptive and fraudulent practices when promoting credit repair services to consumers and collecting debts in violation of the Consumer Fraud and Deceptive Business Practices Act, the Credit Services Organization Act, and the Collection Agency Act.

    In the first complaint, the AG alleges a credit repair agency is not registered in Illinois as a credit services organization, and that it, along with its owner, a co-defendant, has not filed the statutorily required $100,000 surety bond with the Secretary of State’s office. The AG’s complaint alleges that the company charges unlawful upfront fees while making false promises that it will increase consumers’ credit scores. When the defendants fail to live up to these promises, they subsequently refuse to refund the money that consumers paid for the credit repair services they did not receive.

    In the second complaint, the AG makes the same allegations against a different credit repair company, its owner, and a former employee. In addition, the second complaint also alleges that the company operates as a debt collection agency, but does not possess the requisite state license as a collection agency. Further, the complaint claims that, among other things, the defendants extract payments for “completely fabricated” payday loan debt from consumers who do not actually owe on the loans by using threats and other abusive and harassing collection tactics.

    The AG seeks a number of remedies including injunctive relief prohibiting all defendants from engaging in any credit repair business, and prohibiting the second company and its owner and employee from engaging in any debt collection business; rescission of consumer contracts; and restitution to all affected consumers.

    State Issues Courts Advertisement Enforcement State Attorney General Consumer Protection Fraud Credit Repair Licensing Restitution Rescission CROA Consumer Complaints Debt Collection

  • State AGs urge OCC to withdraw Madden proposal

    State Issues

    On January 21, a bipartisan collation of attorneys general from 21 states and the District of Columbia, along with the Hawaii Office of Consumer Protection, submitted a comment letter in response to the OCC’s proposed rule to clarify that when a national bank or savings association sells, assigns, or otherwise transfers a loan, the interest permissible prior to the transfer continues to be permissible following the transfer. (See Buckley Special Alert on the proposed rule.) The coalition, led by California, Illinois, and New York, urges the OCC to withdraw the proposed rule. Among their concerns, the AGs argue that the OCC’s proposal conflicts with the National Bank Act and Dodd-Frank, exceeds the OCC’s statutory authority, and is in violation of the Administrative Procedure Act. Specifically, the AGs claim that the proposed rule conflicts with National Bank Act (NBA) provisions that grant benefits of federal preemption only to national banks and no one else. Moreover, the AGs assert that Congress explicitly stated in Dodd-Frank that “that the benefits of federal preemption provided by the NBA accrue only to [n]ational [b]anks,” (emphasis in original) and argue that the proposed rule would contravene “this important limitation” and “cloak non-banks in [the NBA’s] preemptive power.” Moreover, the NBA sections say “nothing about interest chargeable by assignees, transferees, or purchasers of bank loans,” the AGs write.

    The AGs also argue that the proposed rule would facilitate predatory “rent-a-bank schemes” by allowing non-bank entities to ignore state interest rate caps and usury laws. “The OCC has not addressed, even summarily, how the [p]roposed [r]ule, if adopted, will serve to incentivize and sanction predatory rent-a-bank schemes,” the AGs state. “This failure to consider the substantial negative consequences this rule would have on consumer financial protection across the country renders the OCC’s [p]roposed [r]ule arbitrary and capricious.” Furthermore, the AGs contend that the OCC’s proposed rule contains no factual findings or reasoned analysis to support its proposal to extend NBA preemption to all non-bank entities that purchase loans from national banks. “[T]his is beyond the agency’s power,” the AGs argue, asserting that “[t]he OCC simply ‘may not rewrite clear statutory terms to suit its own sense of how the statute should operate.’”

    State Issues State Attorney General OCC Madden Courts Interest Interest Rate Usury National Bank Act Dodd-Frank Administrative Procedures Act Preemption

  • State AGs support congressional disapproval of 2019 Borrower Defense Rule

    State Issues

    On January 14, a coalition of attorneys general from 19 states and the District of Columbia sent a letter to Congress in support of H.J. Res. 76, which was passed by the House of Representatives on January 16, and provides for congressional disapproval of the Department of Education’s 2019 Borrower Defense Rule (covered by InfoBytes here). The Department’s 2019 Borrower Defense Rule, published last September and set to take effect July 1, revises protections for student borrowers that were significantly misled or defrauded by their higher education institution and establishes standards for loan forgiveness applicable for “adjudicating borrower defenses to repayment claims for Federal student loans first disbursed on or after July 1, 2020.”

    The AGs claim, however, that the 2019 Borrower Defense Rule “provides no realistic prospect for borrowers to discharge their loans when they have been defrauded by predatory for-profit schools, and . . . eliminates financial responsibility requirements for those same institutions.” The AGs further argue that the new provisions require “student borrowers to prove intentional or reckless misconduct on the part of their schools,” which they claim is “an extraordinarily demanding standard not consistent with state laws governing liability for unfair and deceptive conduct.” Other standards, such as requiring student borrowers to “prove financial harm beyond the intrinsic harm caused by incurring federal student loan debt as a result of fraud” and establishing a three-year time bar on borrower defense claims, would further reduce protections for student borrowers. Citing to several state enforcement actions taken against for-profit schools for alleged deceptive and unlawful tactics, the AGs stress the need for a “robust and fair borrower defense rule.”

    State Issues State Attorney General U.S. Senate Department of Education Student Lending Congress Borrower Defense

  • District Court: Michigan privacy law covers out-of-state residents

    Courts

    On January 16, the U.S. District Court for the Eastern District of Michigan denied a publishing company’s motion to dismiss putative class allegations that it disclosed subscribers’ personal information to third parties, ruling that the subscribers did not need to live in Michigan in order to bring claims under the state’s Personal Privacy Protection Act (PPPA). According to the plaintiff, the company allegedly disclosed magazine subscribers’ personal reading information (PRI) to data aggregators that would then supplement it with additional information (including age, gender, income, and employer names) in order to create detailed customer profiles. The company then allowed “almost any organization to rent a customer list containing numerous categories of detailed customer information,” the plaintiff alleged. The company argued, however, that the plaintiff, who resides in Virginia, lacked standing to bring claims under the PPPA because the law protects only Michigan residents. The company also contended that the plaintiff failed to demonstrate concrete injury suffered as a result of the company’s alleged disclosure of PRI to third parties without consent.

    The court disagreed with both arguments, stating that the company’s argument “rests solely on the fact that a non-Michigan resident has never brought suit under the PPPA,” which is “unpersuasive and contravened by the language of the statute and case law.” The PPPA does not impose a residency requirement in order for customers to qualify for protections under the statute, the court stated, noting that “[i]f the Michigan legislature intended to limit the statute to Michigan residents, it could have done so explicitly.” Among other things, the court also concluded that the plaintiff satisfied the injury-in-fact element for Article III standing because “the alleged economic harm caused by the disclosure of PRI provides support to conclude [the plaintiff] suffered a concrete injury.”

    Courts Class Action State Issues Privacy/Cyber Risk & Data Security Third-Party

  • NYDFS appoints Leandra English to executive team

    State Issues

    On January 14, NYDFS Superintendent Linda Lacewell announced that former Deputy Director of the CFPB, Leandra English, will serve as Special Policy Advisor to the Department. In her role, English will report directly to Lacewell and will manage and develop NYDFS’ policy initiatives involving consumers, financial services, and other issues. English will also be responsible for spearheading NYDFS’ policy development and analysis process, and assisting in the identification of common regulatory trends and risks across industries. 

    State Issues NYDFS State Regulators Consumer Protection Financial Services Authority

  • Washington state introduces comprehensive privacy bill

    Privacy, Cyber Risk & Data Security

    On January 13, Washington state lawmakers announced two bills designed to strengthen consumer access and control over personal data and regulate the use of facial recognition technology. Highlights of SB 6281, the Washington Privacy Act, include the following:

    • Applicability. SB 6281 will apply to legal entities that conduct business or produce products or services that are targeted to Washington consumers that also (i) control or process personal data for at least 100,000 consumers; or (ii) derive more than 50 percent of gross revenue from the sale of personal data, in addition to processing or controlling the personal data of at least 25,000 consumers. Exempt from SB 6281, among others, are state and local governments, municipal corporations, certain protected health information, personal data governed by state and federal regulations, and employment records.
    • Consumer rights. Consumers will be able to exercise the following concerning their personal data: access; correction; deletion; data portability; and opt-out rights, including the right to opt out of the processing of personal data for targeted advertising and the sale of personal data.
    • Controller responsibilities. Controllers required to comply with SB 6281 will be responsible for (i) transparency; (ii) limiting the collection of data to what is required and relevant for a specified purpose; (iii) ensuring data is not processed for reasons incompatible with a specified purpose; (iv) securing personal data from unauthorized access; (v) prohibiting processing that violates state or federal laws prohibiting unlawful discrimination against consumers; (vi) obtaining consumer consent in order to process sensitive data; and (vii) ensuring contracts and agreements do not contain provisions that waive or limit a consumer’s rights. Controllers must also conduct data protection assessments for all processing activities that involve personal data, and conduct additional assessments each time a processing change occurs that “materially increases the risk to consumers.”
    • State attorney general. SB 6821 does not create a private right of action for individuals to sue if there is an alleged violation. However, the AG will be permitted to bring actions and impose penalties of no more than $7,500 per violation. The AG will also be required to submit a report evaluating the liability and enforcement provisions of SB 6281 by 2022 along with any recommendations for change.
    • Information sharing. SB 6281 will allow the state governor to enter into agreements with British Columbia, California, and Oregon, which will allow personal data to be shared for joint research initiatives.
    • Facial Recognition. SB 6281 will establish limits on the commercial use of facial recognition services. Among other things, the bill will require third-party testing on all services prior to deployment for accuracy and unfair performance, conspicuous notice when a service is deployed in a public space, and will require companies to receive consumer consent prior to enrolling an image in a service used in a public space.

    The second bill, SB 6280, will more specifically govern the use of facial recognition services by state and local government agencies, and, among other things, outlines provisions for the use of facial recognition services when identifying victims of crime, stipulates restrictions concerning ongoing surveillance, and requires agencies to produce an annual report containing a compliance assessment.

    As previously covered by InfoBytes, last year, New York introduced proposed legislation (see S 5642) that seeks to regulate the storage, use, disclosure, and sale of consumer personal data by entities that conduct business in New York state or produce products or services that are intentionally targeted to residents of New York state. Provisions included in the measures introduced by New York and Washington state differ from those contained in the California Consumer Privacy Act (CCPA), which took effect January 1. (Previous InfoBytes coverage on the CCPA is available here.)

    Privacy/Cyber Risk & Data Security Privacy Rule State Issues State Legislation Consumer Protection State Attorney General Opt-In

  • Creditor collateral protection insurance disclosures required in New Jersey

    State Issues

    On January 13, the New Jersey governor signed S 2998, which amends the state’s collateral protection insurance (CPI) disclosure requirements. The amendments provide that when CPI is required and provided by the creditor, the creditor must disclose to the consumer debtors that they will be responsible for interest on the CPI cost “at the same rate that is applied pursuant to [the debtor’s] credit agreement.” The creditor must also provide a “good faith estimate” of what the CPI coverage will cost the debtor. Additionally, the creditor must instruct the debtors how to provide evidence of the required insurance, so that in those instances where the debtor obtains CPI, the creditor-purchased CPI can be cancelled and the costs and interest fees can be recovered. The amendments take effect on April 12.

    State Issues State Regulation State Legislation Disclosures Debt Collection Insurance

Pages

Upcoming Events