InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
California amends certain debt collector licensing provisions
On September 27, the California governor signed AB 156, which, among other things, amends various provisions of the Debt Collection Licensing Act to allow any debt collector that submits an application to the commissioner of the Department of Financial Protection and Innovation before January 1, 2023, to operate pending the approval or denial of the application. The amendments also authorize the commissioner to issue a conditional license pending the receipt and review of fingerprints and related information. Additional provisions state that a conditional license will expire under certain conditions, including the issuance of an unconditional license. The amendments also grant the commissioner authorization to deem an application abandoned. The amendments take effect January 1, 2023.
California amends protections for servicemembers and veterans
On September 27, the California governor signed SB 1311 to enact the Military and Veteran Consumer Protection Act of 2022. The Act updates several provisions related to servicemembers and veterans, including amending existing law to provide that a person will be liable for an additional civil penalty of up to $2,500 for each violation if the person engages in “unfair competition, including any unlawful, unfair, or fraudulent business act or practice and unfair, deceptive, untrue, or misleading advertising,” against one or more servicemembers or veterans. Additionally, the Act amends certain provisions related to enforcement of the federal Military Lending Act (MLA). Specifically, the bill makes “any security interest in personal property other than a motor vehicle, off-highway vehicle, trailer, or aircraft void if it would cause a loan procured by specified service members in the course of purchasing the personal property to be exempt from the [MLA].” The Act also makes “any security interest in a motor vehicle void if it would cause a loan procured by specified service members in the course of purchasing the motor vehicle to be exempt from the [MLA] and the loan also funds the purchase of a credit insurance product or credit-related ancillary product.” The Act takes effect January 1, 2023.
FDIC releases August enforcement actions
On September 30, the FDIC released a list of administrative enforcement actions taken against banks and individuals in August. During the month, the FDIC made public seven orders consisting of “one consent order, one order terminating consent order, two orders of prohibition from further participation and three orders granting permission to file application and approving application for consent to participate in the conduct of the affairs of any insured depository institution.” Among the orders is a consent order imposed against a Mississippi-based bank by the FDIC and the Mississippi Department of Banking and Consumer Finance, which alleged that the bank engaged in unsafe or unsound banking practices or violations of law relating to the Bank Secrecy Act (BSA). While the bank consented to the action, it did so without admitting or denying any charges. Under the consent order, the bank must, among other things: (i) develop, adopt, and implement a written customer due diligence program; (ii) develop and establish a system of internal controls; and (iii) establish and maintain an independent testing program for compliance with the BSA and its implementing rules and regulations. The bank must also “conduct a lookback review all transactions of $3M or more starting with July 1, 2020, through February 28, 2022, to ensure all suspicious activity is identified, investigated and/or a SAR filed or a documented decision not to file is completed.”
DFPI cracks down on crypto-asset Ponzi schemes
On September 27, the California Department of Financial Protection and Innovation issued desist and refrain orders against 11 entities, including nine crypto asset trading platforms, one metaverse software development company, and one decentralized finance platform for violating California securities laws. While each of the 11 entities allegedly offered and sold unqualified securities through their platforms and promised various fixed rates of return to investors, DFPI claimed that the entities actually engaged in Ponzi-like schemes and used investor funds to distribute supposed profits and returns to other investors. Additionally, DFPI accused the entities of “luring” new investors through referral programs that operated like pyramid schemes in which investors would be paid commissions to recruit new investors. Referring to these as “high yield investment programs (HYIPs),” DFPI claimed the entities provided investors with few details about the people operating the HYIPs, how the HYIPs make money, or how the HYIPs facilitate deposits and withdrawals with crypto assets, among other things. DFPI also accused 10 of the 11 entities of making material representations and omissions to investors about the qualifications of their securities under California law as well as the purported risks. DFPI said in its announcement that it had been directed by an executive order issued by the governor in May (covered by InfoBytes here) to initiate enforcement actions to stop violations of consumer financial laws and to increase residents’ awareness of the benefits and risks associated with crypto asset-related financial products and services.
States accuse crypto platform of offering unregistered securities
On September 26, the New York attorney general sued a cryptocurrency platform for allegedly offering unregistered securities and defrauding investors. New York was joined by state regulators from California, Kentucky, Maryland, Oklahoma, South Carolina, Washington, and Vermont who also filed administrative actions against the platform. The states alleged that the platform failed to register as a securities and commodities broker but told investors that it was fully in compliance. According to the New York AG’s complaint, the platform promoted and sold securities through an interest-bearing virtual currency account that promised high returns for participating investors. The NY AG said that a cease-and-desist letter was sent to the platform last year, and that while the platform stated it was “working diligently to terminate all services” in the state, it continued to handle more than 5,000 accounts as of July. The complaint charges the platform with violating New York’s Martin Act and New York Executive Law § 63(12), and seeks restitution, disgorgement of profits, and a permanent injunction.
California’s Department of Financial Protection and Innovation (DFPI) said in a press release announcing its own action that it will continue to take “aggressive enforcement efforts against unregistered interest-bearing cryptocurrency accounts.” DFPI warned companies that crypto-interest accounts are securities and are therefore subject to investor protection under state law, including disclosure of associated risks.
Agencies announce hurricanes Fiona and Ian disaster relief guidance
On September 29, the FDIC, Federal Reserve Board, NCUA, OCC, and the Conference of State Bank Supervisors issued a joint interagency statement covering supervisory practices for financial institutions affected by Hurricanes Fiona and Ian. Among other things, the agencies informed institutions facing operational challenges that the regulators will expedite requests for temporary facilities, noting that in most cases, “a telephone notice to the primary federal and/or state regulator will suffice initially to start the approval process, with necessary written notification being submitted shortly thereafter.” The agencies also called on financial institutions to “work constructively” with affected borrowers, noting that “prudent efforts” to adjust or alter loan terms in affected areas “should not be subject to examiner criticism.” Institutions facing difficulties in complying with any publishing and reporting requirements should contact their primary federal and/or state regulator. Additionally, the agencies noted that institutions may receive Community Reinvestment Act consideration for community development loans, investments, or services that revitalize or stabilize federally designated disaster areas. Institutions are also encouraged to monitor municipal securities and loans impacted by Hurricanes Fiona and Ian.
HUD also announced disaster assistance for areas in Puerto Rico affected by Hurricane Fiona. The disaster assistance follows President Biden’s major disaster declaration on September 21. According to the announcement, effective immediately, HUD is issuing 29 regulatory and administrative waivers intended to provide flexibility and relief to impacted communities. The waivers cover the following HUD programs: The Community Development Block Grant Program, HOME Investment Partnerships Program, Housing Opportunities for Persons with AIDS Program, Continuum of Care Program, and Emergency Solutions Grant Program. HUD is also providing an automatic 90-day moratorium on foreclosures of FHA-insured home mortgages for covered properties effective September 21, as well as for mortgages to Native American borrowers guaranteed under Section 184 Indian Home Loan Guarantee program and home equity conversion mortgages. HUD is also making various FHA insurance options available to victims whose homes require repairs or were destroyed or severely damaged. HUD’s Section 203(h) program allows borrowers from participating FHA-approved lenders to obtain 100 percent financing, including closing costs, for homes in which “reconstruction or replacement is necessary.” Additionally, HUD’s Section 203(k) loan program will allow individuals to finance the purchase of a house, or refinance an existing house and the costs of repair, through a single mortgage. The program also allows homeowners with damaged property to finance the repair of their existing single-family homes. HUD will also share information on housing providers and HUD programs with FEMA and the state, and will provide flexibility to public housing agencies. Similar disaster assistance measures were also announced (see here and here) for areas of Alaska affected by severe storms, flooding, and landslides from September 15-20, and areas in Florida impacted by Hurricane Ian.
The FDIC also issued FIL-42-2022 to provide regulatory relief to financial institutions and help facilitate recovery in areas of Puerto Rico affected by Hurricane Fiona from September 17 and later. The FDIC acknowledged the unusual circumstances faced by institutions affected by the storms and suggested that institutions work with impacted borrowers to, among other things: (i) extend repayment terms; (ii) restructure existing loans; or (iii) ease terms for new loans to those affected by the severe weather, provided the measures are done “in a manner consistent with sound banking practices.” Additionally, the FDIC noted that institutions “may receive favorable Community Reinvestment Act consideration for community development loans, investments, and services in support of disaster recovery.” The FDIC will also consider regulatory relief from certain filing and publishing requirements.
Additionally, the OCC issued a proclamation permitting OCC-regulated institutions, at their discretion, to close offices affected by Hurricane Ian in Florida “for as long as deemed necessary for bank operation or public safety.” The proclamation directed institutions to OCC Bulletin 2012-28 for further guidance on actions they should take in response to natural disasters and other emergency conditions. According to the 2012 Bulletin, only bank offices directly affected by potentially unsafe conditions should close, and institutions should make every effort to reopen as quickly as possible to address customers’ banking needs.
NYDFS also issued an industry letter advising state-regulated financial institutions to take reasonable and prudent measures to assist consumers and businesses affected by Hurricane Fiona in Puerto Rico. The guidance recommends that financial institutions (i) waive ATM and overdraft fees; (ii) increase ATM withdrawal limits; (iii) ease restrictions on cashing out-of-state and non-customer checks; (iv) ease credit terms for new loans; (v) increase credit card limits for creditworthy customers; (vi) waive late fees on credit card and other loan balances; (vii) work with customers to defer payments or extend payment due dates on loans to help prevent delinquencies and negative credit reporting caused by disaster-related disruptions; and (viii) work with money transmitters and money services businesses to facilitate and expedite the transmission of funds. The actions are intended to help ease financial burdens for New Yorkers seeking to support individuals located in Puerto Rico, as well as consumers in Puerto Rico who hold New York bank accounts.
DC passes debt collection bill
On September 23, the District of Columbia mayor signed B24-0357, which updates the District’s collection laws by expanding protections to cover most consumer debt, in addition to strengthening existing protections for DC consumers. Among other things, the bill: (i) prohibits deceptive behavior from debt collectors, such as making threats; (ii) clarifies that no one can be jailed for failing to pay a debt; (iii) prohibits debt collectors from communicating any information regarding a person’s debt to employers or family members; and (vi) clarifies that debt buyers are required to follow all laws applicable to debt collectors. The law is currently effective.
Oregon issues remote work guidance to licensed loan originators
On September 21, the Oregon Department of Consumer and Business Services filed permanent administrative order FSR 3-2022 with the Secretary of State to allow licensed loan originators and employees to work from home. Under the order, Oregon licensed mortgage loan originators “may originate loans from a location other than from a licensed branch office if the location is the licensed mortgage loan originator’s home; the licensed mortgage loan originator is an employee of a mortgage banker or mortgage broker; and the mortgage banker or the mortgage broker complies with OAR 441-860- 0040, as applicable.” Mortgage bankers or brokers must have in place appropriate policies and procedures to supervise licensees working from home, including data security measures to protect consumers’ personal data. Additionally, licensees working from home “are prohibited from engaging in person with consumers for loan origination purposes at the home of the loan originator or employee, unless the home is licensed as a branch.” Licensees may, however, “engage with consumers for loan origination purposes at the home of the loan originator or employee by means of conference telephone or similar communications equipment that allows all persons participating in the visitation to hear each other, provided that participation is controlled and limited to those entitled to attend, and the identity of participants is determinable and reasonably verifiable.” Licensees who work from home are also prohibited from keeping any physical business records at any location other than a licensed location, and must also ensure that all origination records are available at a licensed location.
California updates mortgage licensing requirements
On September 23, the California governor signed SB 1495. The bill, among other things (i) updates requirements that the assurances required as a condition of license renewal would be that the licensee had, during the preceding 2-year period, informed themselves of those developments; (ii) expands the scope of the crime of perjury, thereby imposing a state-mandated local program; (iii) refers to the Nationwide Mortgage Licensing System and Registry in the provisions of the Real Estate Law as the “Nationwide Multistate Licensing System and Registry”’; and (iv) for real estate broker license applicants, moves the component on state and federal fair housing laws to the real estate practice course instead of the legal aspects of real estate course, and delays the revision to the real estate practice course until 2024. The bill also updates definitions of “SAFE Act,” and “mortgage loan originator.” The bill is effective January 1, 2023.
District Court rules beneficiary bank without actual knowledge of wire transfer misdescription is not liable
On September 22, the U.S. District Court for the Middle District of Louisiana granted summary judgment to a defendant beneficiary bank in an action concerning a fraudulent wire transfer that was allegedly sent to a hacker instead of the intended recipient. According to the opinion, the originating bank executed a wire transfer on behalf of the commercial plaintiff to a supplier. However, a hacker had inserted false account information into the supplier’s email to the plaintiff, causing the plaintiff’s instruction to the originating bank to indicate the wrong account at the beneficiary bank. As a result, the funds were deposited by the beneficiary bank into an account for which the account number did not match its account name. A large sum of the plaintiff’s money was thereupon withdrawn by a hacker from the account into which the funds had been deposited. The plaintiff sued asserting several claims, including, negligence and gross negligence, violations of the EFTA and the Louisiana’s Uniform Commercial Code (UCC), and aiding fraud. After all the claims except for the UCC claim were dismissed, the defendant moved for summary judgment on the grounds that it did not violate the UCC “because it did not have actual knowledge that the wire transfer at issue misdescribed the beneficiary prior to payment of the wire transfer as contemplated by that statute.”
The court ruled that based on the evidence, no reasonable juror could find that the defendant had actual knowledge of the misdescription at the time it made the transfer, explaining that the defendant did not have actual knowledge that a hacker had accessed the plaintiff’s wire transfer order, provided false instructions, and changed the target account number to its own. The court stated that under Louisiana law, a bank’s liability for completing a wire transfer that misidentifies a beneficiary or account number depends on whether it has “actual knowledge prior to payment that there was a misdescription of a beneficiary”—constructive knowledge is not actionable, the court said. The defendant also did not have actual knowledge of the misdescription prior to the payment, but rather acquired actual knowledge of the misdescription roughly two weeks later when the originating bank alerted the defendant of the alleged fraud. The court further contended that under Louisiana law a beneficiary bank that uses a fully automated payment system for wire transfers is allowed “to act on the basis of the number without regard to the name if the bank does not know that the name and number refer to different persons.”