InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
New Jersey warns licensed “teams” about violating state real estate statute
On July 12, the New Jersey Department of Banking and Insurance issued Bulletin No. 22-07 to remind real estate licensees (particularly licensees operating as a “team”), and brokers of record who are responsible for managing and supervising teams, of the requirement to ensure compliance with the Real Estate Broker and Salesperson Act and related regulations. Explaining that real estate “teams” are a growing trend in the industry, the Bulletin warned that while a team may “appear to operate independent of the brokerage firm through which they are licensed,” the team is not actually a separate brokerage, and “teams, their team leaders, team members and their supervising brokers must comply with the act and regulations.” The Bulletin continued that “[l]icensees can only accept compensation, including commissions, from their employing broker, and not a member of their team or their team leader. . . . Further, teams may not operate out of a separate, satellite office, unless such location is properly licensed with the New Jersey Real Estate Commission and maintained and supervised in accordance with the act and regulations.” The Bulletin also addressed advertising and webpage requirements for licensees.
Licensees who fail to comply with the regulations may be subject to fines, potential license suspension or revocation. Brokers who fail to supervise licensees or team members are subject to these penalties as well.
Coalition of state AGs release comment letter in opposition of federal privacy bills
On July 19, a coalition of state attorneys general, led by the California AG, released a comment letter in opposition to the American Data Privacy and Protection Act (ADPPA), H.R. 8152 and the Consumer Online Privacy Rights Act (COPRA), S. 3195. In the letter, the state AGs argued that, “Congress should adopt a federal baseline, and continue to allow states to make decisions about additional protections for consumers residing in their jurisdictions,” instead of preempting areas of state privacy regulation. The AGs expressed concern that the bills, as drafted, “appear to substantially preempt many states’ ability to investigate” federal privacy law violations. Specifically, the AGs argued that while the bills purport to preserve “state consumer laws and causes of action, they also provide that “a violation of this Act shall not be pleaded as an element of any such cause of action.’ The state AGs noted that usually, “a violation of a federal law or standard could also be a violation of state consumer protection law. But [the bills] would act as a bar to investigate violations of the federal law, because it prohibits them from forming the basis for state consumer protection claims.” The state AGs consider this language to "unnecessarily interfere with robust enforcement capabilities.”
District Court rules nonsignatory to credit card agreement cannot compel arbitration in debt collection case
On July 11, the U.S. District Court for the Central District of California denied a law firm defendant’s motion to compel arbitration in an FDCPA case. According to the order, the plaintiff’s credit card, opened with a South Dakota-based bank, was stolen and charged more than $8,500. The plaintiff claimed that the original creditor did not investigate, refused to remove the charges, and attempted to collect on the debt. The creditor filed suit against the plaintiff to collect, and the plaintiff sought to move the case to arbitration. The creditor placed the account with the defendant, a debt collection law firm, whom the plaintiff then sued in federal court alleging unlawful collection attempts. The defendant sought to compel arbitration, based on the arbitration clause in the original agreement between the plaintiff and the creditor. The district court held that South Dakota law governed the card agreement, and a court ruling from that state’s Supreme Court held that nonsignatories to an arbitration agreement can compel arbitration only where (i) the plaintiff alleged “substantially interdependent and concerted misconduct” between the signatory and nonsignatory; or (ii) the plaintiff’s claims against the nonsignatory arises out of the agreement. The district court stated that the plaintiff did not allege, nor could the district court infer, that the defendant worked “in concert” with the creditor to unlawfully collect the debt, but rather that it did not follow reasonable procedures under the FDCPA. Additionally, the district court held that the plaintiff’s claims did not arise out of the arbitration provision. Therefore, the nonsignatory defendant could not rely on the provision to compel arbitration.
Connecticut fines collection agency $10,000 for violating usury laws
On June 28, the Connecticut Department of Banking issued a consent order against a licensed consumer collection agency for allegedly engaging in numerous violations of state law. These include (i) collecting on loans made by unlicensed lenders affiliated with federally-recognized Native American tribes that violate state usury laws; (ii) commingling operating monies from its business account with funds in its trust accounts; and (iii) engaging in unfair or deceptive acts or practices by advertising financial products and services of unlicensed affiliates in communications with consumers. According to the order, an examination found that the company collected on loans made by unlicensed lenders affiliated with Native American tribes that charged interest rates exceeding state limits, and that the company received payments on small loans that violated other state statutes. The Connecticut Department of Banking noted that, pursuant to a Connecticut Supreme Court decision in Great Plains Lending, LLC v. Department of Banking, consumer collection agencies are prohibited “from collecting on small loans made by unlicensed persons, including lenders affiliated with Native American tribes." Such loans are considered void and unenforceable, the Department said.
While the company neither admitted nor denied any of the allegations, it voluntarily agreed to the imposition of sanctions to obviate the need for formal administrative proceedings. Under the terms of the consent order, the company must pay a $10,000 civil penalty, refund all amounts collected from Connecticut borrowers as payment on small loans made by unlicensed lenders affiliated with federally recognized Native-American tribes, implement appropriate policies and procedures, cease and desist from soliciting financial services products in its collection communications with consumers, and cease and desist from collecting, attempting to collect, and receiving payment on small loans not made in compliance with state law.
Rhode Island amends licensing provisions relating to remote working
On June 29, the Rhode Island governor signed SB 2794 into law, which amends licensing provisions related to remote employees, locations, and supervision. The bill adds definitions, eliminates certain requirements for licensees, and adds business operation guidance. Specifically, the bill, among other things, permits employees of a licensee to perform services for the licensee or act as a mortgage loan originator from a remote location, so long as certain requirements are met, which includes, among other things, that: (i) the employee is subject to the supervision of the licensee; (ii) the licensee has written policies and procedures for supervision of, and employs appropriate risk-based monitoring and oversight process of work performed by, employees working from remote locations; (iii) access to the licensee's computer platforms and to customer information is in accordance with the licensee's comprehensive written information security plan; (iv) no in-person customer interaction occurs at a remote location; and (v) physical records related to the licensee's business, including consumer information, are not maintained at the remote location. The bill also establishes that a remote location shall not be considered a branch of the licensee; however, activities conducted at a remote location shall be subject to examination. The bill is effective immediately.
NYDFS releases best practices for promoting PSLF program and time-limited waiver
On July 13, NYDFS called on all federal student loan servicers to increase awareness of and enroll borrowers in public service loan forgiveness programs before a temporary waiver expires on October 31. NYDFS’s letter reminded servicers that under the Public Service Loan Forgiveness (PSLF) program, full-time government and certain non-profit employees may be eligible to have federal direct loans forgiven after making 120 qualifying monthly payments. Last October, the Department of Education announced temporary PSLF changes due to the Covid-19 pandemic. These changes provided qualifying borrowers a time-limited PSLF waiver, which allows all payments to count towards PSLF regardless of loan program or payment plan (covered by InfoBytes here). Expressing concerns that many borrowers may not learn of this opportunity before it expires in October, NYDFS encouraged servicers to adopt eight best practices to promote awareness of the PSLF Program and the waiver. These include “enhanced trainings for customer service staff, proactive communications with borrowers, and increased promotion of the PSLF program on servicer websites and on borrower account pages,” NYDFS said in its announcement.
The letter follows a December 2021 NYDFS request sent to federal student loan servicers asking for updates on steps taken to address the waived rules. NYDFS also reminded servicers that it “will diligently enforce all servicer legal requirements concerning the PSLF program and will consider the extent to which servicers engaged in proactive measures to promote the PSLF Waiver in future supervisory examinations.”
Florida appeals court: Injury required for FACTA standing
On July 13, a Florida District Court of Appeals affirmed the dismissal of Fair and Accurate Credit Transactions Act (FACTA) class claims brought against a defendant shoe company after determining that the lead plaintiff lacked standing because he suffered no “distinct or palpable” injury. The plaintiff first filed a class action suit in federal court, claiming a receipt he received from the company included 10 digits of his credit card number—a violation of FACTA’s truncation requirement, which only permits the last five digits to be printed on a receipt. The plaintiff did not allege that his credit card was used, lost, or stolen in any way, nor was evidence presented to show there was any danger of his credit card being used. The suit was stayed pending the resolution of a different FACTA dispute in the U.S. Court of Appeals for the Eleventh Circuit. As previously covered by InfoBytes, a split en banc 11th Circuit concluded that the plaintiffs in that separate action lacked standing because they did not allege any concrete harm and vacated a $6.3 million settlement. Specifically, the en banc majority rejected the named plaintiff’s argument that “receipt of a noncompliant receipt itself is a concrete injury,” and noted that “nothing in FACTA suggests some kind of intrinsic worth in a compliant receipt.”
Following the 11th Circuit decision, the parties agreed to dismiss the federal action and remanded a later-filed action to state court where the plaintiff argued that “state standing was plenary and therefore less restrictive than federal standing.” The trial court disagreed and granted the defendant’s motion to dismiss, ruling that “Florida requires a concrete injury to have standing,” and “alleging a mere statutory violation does not convey standing per se.” The trial court ruled that “obtaining a receipt in alleged violation of FACTA does not satisfy this requirement,” and the appeals court agreed, holding that, among other things, no actual damages occurred since nothing was alleged to have been charged to the plaintiff’s account, nor was there the imminent possibility of injury because the plaintiff retained possession of the receipt. In its opinion, the appellate court cited the U.S. Supreme Court’s decisions in Spokeo and TransUnion with approval, noting that “individuals ‘must allege some threatened or actual injury resulting from the putatively illegal action.’”
California’s privacy agency initiates formal CPRA rulemaking
On July 8, the California Privacy Protection Agency (CPPA) initiated formal rulemaking procedures to adopt proposed regulations implementing the Consumer Privacy Rights Act of 2020 (CPRA), a law amending and building on the California Consumer Privacy Act (CCPA). As previously covered by InfoBytes, the CPRA (largely effective January 1, 2023, with enforcement delayed until July 1, 2023) was approved by ballot measure in November 2020. Earlier this year, the CPPA provided an update on the CPRA rulemaking process, announcing its intention to finalize rulemaking in the third or fourth quarter of 2022 (covered by InfoBytes here). While the CPRA established a July 1, 2022 deadline for rulemaking, CPPA Executive Director Ashkan Soltani stated during a February meeting that the rulemaking process will extend into the second half of the year.
The July proposed regulations modify definitions in the CCPA regulations; outline restrictions on the collection and use of personal information; provide disclosure and communications requirements; describe requirements for submitting CCPA requests and obtaining consumer consent; amend required privacy notices; provide instructions for the Notice of Right to Limit Use of Sensitive Personal Information; amend methods for handling consumer requests to delete, correct, and know; set forth requirements for opt-out preference signals; and address consumer requests for limiting the use and disclosure of sensitive personal information. Comprehensive details of the modified provisions and proposed regulations are available in previous InfoBytes coverage here.
The CPPA stated in its notice of proposed rulemaking that the proposed regulations serve three primary purposes: to (i) “update existing CCPA regulations to harmonize them with CPRA amendments to the CCPA”; (ii) “operationalize new rights and concepts introduced by the CPRA to provide clarity and specificity to implement the law”; and (iii) “reorganize and consolidate requirements set forth in the law to make the regulations easier to follow and understand.” The CPPA emphasized that the proposed regulations are designed to factor in privacy laws in other jurisdictions and “implement compliance with the CCPA in such a way that it would not contravene a business’s compliance with other privacy laws, such as the General Data Protection Regulation (GDPR) in Europe and consumer privacy laws recently passed in Colorado, Virginia, Connecticut, and Utah.” This design, the CPPA said, will simplify compliance for businesses operating across jurisdictions and avoid unnecessary confusion for consumers who may not understand which laws apply to them.
A hearing on the proposed regulations is scheduled for August 24 and 25. Comments are due August 23.
NYDFS issues overdraft and NSF fee guidance
On July 12, NYDFS issued guidance in an industry letter to regulated banking institutions, calling into question bank practices that can cause consumers to receive multiple overdraft and non-sufficient funds (NSF) fees from a single transaction. The industry letter identifies three specific types of fee practices as unfair or deceptive:
- Charging overdraft fees for “authorize positive, settle negative” transactions, where consumers are charged an overdraft fee even if they have sufficient money in their account when a bank approves a transaction, but the balance is negative when the payment is settled. Per NYDFS, imposing an overdraft fee in this situation is unfair because, among other things, consumers “have no control over or involvement in” when or how their debit transactions get settled.
- Charging “double fees” to consumers for a failed overdraft protection plan transfer, which occurs when a bank goes to transfer money from one deposit account to another deposit account to cover an overdraft transaction, but the first account lacks sufficient funds to cover the overdraft. Per NYDFS, double fees injure consumers “by imposing fees for a transfer that provides no value to the consumer and is not reasonably avoidable by consumers, who have no reason to expect that they will be charged a fee for an overdraft protection transfer that does not in fact protect them against an overdraft.”
- Charging NSF representment fees when a merchant tries several times to process a transaction that is deemed an overdraft and the bank charges a fee for each blocked representment without adequate disclosure. Banks that currently charge multiple NSF fees should “make clear, conspicuous, and regular disclosure to consumers that they may be charged more than one NSF fee for the same attempted debit transaction,” NYDFS stated. Additionally, banks are advised to consider other steps to mitigate the risk that consumers are charged multiple NSF fees, including limiting time periods for when multiple NSF fees may be charged, performing periodic manual reviews to identify instances of multiple NSF Fees, and offering refunds to affected consumers. NYDFS “ultimately expects [i]nstitutions will not charge more than one NSF fee per transaction, regardless of how many times that transaction is presented for payment,” the industry letter said.
NYDFS informed regulated entities that it will evaluate whether they “are engaged in deceptive or unfair practices with respect to overdraft and NSF fees in future Consumer Compliance and Fair Lending examinations.”
Ohio AG, FCC take action against robocall operation
On July 7, the Ohio attorney general filed a complaint against multiple companies for participating in an alleged unwanted car warranty call operation. The complaint, filed in the U.S. District Court for Southern District of Ohio, alleged that the 22 named defendants “participated in an unlawful robocall operation that bombarded American consumers with billions of robocalls.” Specifically, the complaint alleged that the defendants “initiated over 77 million robocalls per day for the purpose of generating sales leads, many times in relation to the sale of Vehicle Service Contracts (‘VSCs’) that are deceptively marketed as ‘car warranty’ plans,” totaling at least 800 million call attempts. The defendants allegedly violated the TSR, the Ohio Consumer Sales Practices Act, and the Ohio Telephone Solicitation Sales Act by, among other things: (i) deceptively representing the subject of the call; (ii) misrepresenting caller IDs, or “spoofing”; and (iii) acting as telephone solicitors without having registered as telephone solicitors with the Ohio AG’s Office, as required by law, and without having obtained and filed the required surety bond. The lawsuit coincided with the FCC’s announcement of actions taken to decrease robocalls, including sending cease and desist letters to several carriers in an attempt “to cut off a flood of possibly illegal robocalls marketing auto warranties targeting billions of consumers.” The announcement also noted that the FCC has authorized “all U.S.-based voice service providers to cease carrying any traffic originating from the [named] operation consistent with FCC regulations,” as detailed in a public notice to all U.S.-based voice service providers.