Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • DFPI orders desist and refrain against investment firm

    State Issues

    On November 16, under California Corporations Code § 25532, the California Division of Financial Protection and Innovation (DFPI) issued a desist and refrain order against a securities investment platform for allegedly making false representations and material omissions to investors.

    The DFPI alleges the investment platform sold securities in California on its website and the platform referred to them as “certificates.” The platform claimed that the certificates paid investors returns ranging from 2.5 percent to five percent in addition to guaranteed monthly returns. To solicit investors, the platform allegedly engaged in a multi-level marketing (MLM) structure that would have investors influence others to send money. DFPI alleged that the certificates were not qualified under the California Corporate Securities Law. DFPI also alleged that the platform omitted material information to investors, which included (i) falsely representing that the platform was partnered with a particular forex broker; (ii) representing that it was a licensed bank (while omitting that the “license” was granted by a “fictitious regulator”); (iii) using the terms “bank” and “banking” while omitting that it was not authorized to engage in the business of banking in California; (iv) misrepresenting profits and risk of loss; and (v) failing to disclose that its securities were not qualified in California.  

    State Issues Securities DFPI Enforcement Investment California

  • NYDFS introduces guidelines for coin-listing and delisting policies in virtual currency entities

    State Issues

    On November 15, NYDFS announced new regulatory guidance which adopts new requirements for coin-listing and delisting policies of DFS-regulated virtual currency entities, updating its 2020 framework for each policy. After considering public comments, the new guidance aims to enhance standards for self-certification of coins and includes requirements for risk assessment, advance notification, and governance. It emphasizes stricter criteria for approving coins and mandates adherence to safety, soundness, and consumer protection principles. Virtual currency entities must comply with these guidelines, requiring DFS approval for coin-listing policies before self-certifying coins, and submitting detailed records for ongoing compliance review. The guidance also outlines procedures for delisting coins and necessitates virtual currency entities to have an approved coin-delisting policy.

    As an example under coin listing policy framework, the letter states that a virtual currency entity risk assessment must be tailored to a virtual currency entity's business activity and can include factors such as (i) technical design and technology risk; (ii) market and liquidity risk; (iii) operational risk; (iv) cybersecurity risk; (v) illicit finance risk; (vi) legal risk; (vii) reputational risk; (viii) regulatory risk; (ix) conflicts of interest; and (x) consumer protection. Regarding consumer protection, NYDFS says that virtual currency entities must “ensure that all customers are treated fairly and are afforded the full protection of all applicable laws and regulations, including protection from unfair, deceptive, or abusive practices.”

    Similar to the listing policy framework, the letter provides a fulsome delisting policy framework. The letter also stated that all virtual currency entities must meet with the DFS by December 8 to preview their draft coin-delisting policies and that final policies must be submitted to DFS for approval by January 31, 2024.

    State Issues Privacy Agency Rule-Making & Guidance Fintech Cryptocurrency Digital Assets NYDFS New York Consumer Protection

  • NY AG report reveals racial disparities in homeownership and offers proposed solutions

    State Issues

    On October 31, New York AG Letitia James released a report detailing racial disparities in homeownership and access to home financing in New York. The report states that Black and Latino New Yorkers are “underrepresented” among mortgage applicants, and white households are overall more likely to own homes than Black, Latino, or Asian households. The report also found that regardless of credit score, income, size of the loan and other factors, all applicants of color are denied mortgages at a higher rate than white applicants. In addition, the report found that disparities between white borrowers and borrowers of color persist in the context of refinance transactions and are also present in loans made by “[n]ew private-sector, non-depository lenders.”

    The report identified policy solutions that could reduce these disparities, including (i) subsidizing down payments and interest rates for first-generation homebuyers; (ii) increasing state funding for nonprofit financial institutions that support underserved communities of color; (iii) passing the New York Public Banking Act, which would create a regulatory framework for the establishment of public banks, thereby expanding access to affordable financial services in underserved areas; (iv) bolstering resources for government agencies to conduct fair lending investigations and enhancing New York’s Human Rights Law to explicitly prohibit discriminatory lending practices; and (v) exploring options for offering state-provided banking services in accessible locations to increase access to traditional banking services.

    State Issues New York State Attorney General Fair Lending Consumer Finance Lending FHA Refinance Racial Bias

  • Minnesota AG files complaint against a tribal company for steep rates

    Courts

    On October 30, the Minnesota Attorney General’s office filed a complaint against a Montana tribal economic development entity claiming that the entity’s lending subsidiaries violated state and federal usury laws through deceptive trade practices and false advertising. The complaint alleges that “[d]efendants ignore these laws and have in recent years made thousands of loans to consumers in Minnesota at interest rates exponentially higher than what is permitted. They do so while deceiving Minnesotans to believe the defendant lenders are immune from Minnesota law because they are owned by a federally recognized Indian tribe. But even sovereign entities and their subsidiaries must comply with Minnesota and federal law when they transact business in Minnesota.” The complaint claims that the company’s lending subsidiaries charged interest rates up to 800 percent and led state residents to believe that the entity was exempt from state laws that protect against predatory loans. Minnesota laws cap interest rates for written contracts at 8% unless otherwise exempted. Loan contracts that violate the law may be voidable and have no legal effect. The Attorney General is seeking an injunction to block the company from operating in Minnesota, a declaration that “marketing, offering, issuing, servicing, collection, and providing of [these] loans” is in violation of federal and state laws, and compensation for the residents affected by the defendants’ actions.

    Courts State Issues Minnesota State Attorney General Interest Rate Consumer Finance

  • DFPI orders deceptive debt collectors to desist and refrain, pay penalties

    State Issues

    On October 23, DFPI announced enforcement actions against four debt collectors for engaging in unlicensed debt collection activity, in violation of Debt Collection Licensing Act and unfair, deceptive, or abusive acts or practices, in violation of the California Consumer Financial Protection Law. In its order against two entities, the department alleged that the entities contacted at least one California consumer and made deceptive statements in an attempt to collect a payday loan-related debt, among other things. In its third order against another two entities, DFPI alleged that a consumer was not provided the proper disclosures in a proposed settlement agreement to pay off their debts in a one-time payments. Additionally, DFPI alleged that the entity representatives made a false representation by communicating empty threats of an impending lawsuit.

    Under their orders (see here, here, and here), the entities must desist and refrain from engaging in illegal and deceptive practices, including (i) failing to identify as debt collectors; (ii) making false and misleading statements about payment requirements; (iii) threatening unlawful action, such as a lawsuit, because of nonpayment of a debt; (iv) contacting the consumer at a forbidden time of day; (iv) making false claims of pending lawsuits or legal process and the character, amount, or legal status of the debt; (v) failing to provide a “validation notice” ; and (vi) threatening to sue on time-barred debt.

    The entities are ordered to pay a combined $87,500 in penalties for each of the illegal and deceptive practices.

    State Issues DFPI Enforcement Debt Collection Deceptive UDAAP California CCFPL Consumer Finance Consumer Protection

  • FTC and Wisconsin sue auto dealer group for alleged discrimination and illegal fees

    Federal Issues

    The FTC and the State of Wisconsin announced that they filed a complaint in the District Court for the Western District of Wisconsin against an auto dealer group, and its current and former owners, and general manager, alleging that the defendants deceived consumers by tacking hundreds or even thousands of dollars in illegal junk fees onto car prices and discriminated against American Indian customers by charging them higher financing costs and fees relative to similarly situated non-Latino whites.

    The complaint also notes the disparity only increased since a change of ownership in 2019. Specifically, the complaint alleges that the defendants regularly charged many of their customers junk fees for “add-on” products or services without their consent, which resulted in additional fees and interest on the customers’ loans. Further, the defendants allegedly discriminated against American Indian customers in the cost of financing by adding more “markup” to their interest rates. This additional markup cost American Indian customers, on average, $401 more compared to non-Latino white customers.

    The complaint resulted in two proposed settlements. The proposed settlement with the auto dealer, its current owners, and the general manager requires the company to stop deceiving consumers about whether add-ons are required for a purchase and obtain consumers’ express informed consent before charging them for add-ons. The settlement will also the require the defendants to establish a comprehensive fair lending program that, among other components, will allow consumers to seek outside financing for a purchase and cap the additional interest markup the auto dealer can charge consumers. The current owners and general manager will also be required to pay $1 million to be used to refund affected consumers.

    Separately, the former owners agreed to pay $100,000 to be used to refund affected consumers.

    Federal Issues Wisconsin State Issues Discrimination Fees Enforcement

  • Bank to pay Fed, NYDFS almost $30 million for deficient third-party risk management practices

    Federal Issues

    On October 19, the Fed and NYDFS announced an enforcement action against a New York-based bank for alleged violations of consumer identification rules and deficient third-party risk management practices. NYDFS Superintendent Adrienne A. Harris stated that the bank failed to prevent a “massive, ongoing fraud” related to its prepaid card program. According to the Fed’s cease-and-desist order, illicit actors managed to open prepaid card accounts through a third-party, and moved hundreds of millions of dollars of direct deposit payroll payments and state unemployment benefits through the accounts. The Fed’s order requires the bank to, among other things, improve its oversight, create a new product review program, enhance its customer identification program, and submit a plan to enhance its third-party risk management program. The bank’s plan must include (i) policies and procedures to ensure third-party service providers are complying with federal and state law; (ii) a third-party risk management oversight program; (iii) policies and procedures to ensure the bank’s Chief Compliance Officer has sufficient resources to properly access the bank’s prepaid card program and is adequately staffed; and (iv) a comprehensive identity theft prevention program. The Fed also requires the bank to pay a civil money penalty of approximately $14.5 million. Under NYDFS’s consent order, the bank agreed to pay an additional $15 million civil monetary penalty, and to submit remediation and program reporting.

    Federal Issues State Issues NYDFS Federal Reserve Cease and Desist Third-Party Risk Management

  • California enacts licensing requirements for digital asset businesses, regulation of crypto kiosks

    On October 13, the California Governor signed AB 39, which will create a licensing requirement for businesses engaging in digital financial asset business activity. Crypto businesses will need to apply for a license with California’s Department of Financial Protection and Innovation (DFPI). The bill, among other things, (i) empowers DFPI to conduct examinations of a licensee; (ii) defines “digital financial asset” as “a digital representation of value that is used as a medium of exchange, unit of account, or store of value, and that is not legal tender, whether or not denominated in legal tender, except as specified”; (iii) empowers DFPI to conduct enforcement actions against a licensee or a non-licensed individual who engages in crypto business with, or on behalf of, a California resident for up to five years after their activity; (iv) allows DFPI to assess civil money penalties of up to $20,000 for each day a licensee is in material violation of the law, and up to $100,000 for each day an unlicensed person is in violation; and (v) requires licensees to provide certain disclosures to California clientele, such as when and how users may receive fees and charges, and how they are calculated. The new law exempts most government entities, certain financial institutions, most people who solely provide connectivity software, computing power, data storage or security services, and people engaging with digital assets for personal, family, household or academic use or whose digital financial asset business activity is reasonably expected to be valued at no more than $50,000 per year. In September of last year, the California Governor vetoed a similar bill because creating a licensing framework was “premature” considering conflicting efforts.

    Also effective on July 1, 2025 is SB 401, which was also enacted on October 13. SB 401 establishes regulations for crypto kiosks under the DFPI’s authority. It will, among other things, prohibit kiosk operators from accepting or dispensing more than $1,000 in a single day to or form a customer via a kiosk. Operators would be required to furnish written disclosures detailing the transaction's terms and conditions as well as transaction details. Kiosk operators will also be obligated to provide customers with a receipt for any transaction at their kiosk, including both the amount of a digital financial asset or USD involved in a transaction and, in USD, any fees, expenses, and charges collected by the kiosk operator. Finally, operators will be required to provide DFPI with a list of all its crypto kiosks in California, and such list will be made public.

    Licensing State Issues California DFPI State Legislation Cryptocurrency Digital Assets Disclosures

  • Payments processor fined $20 million by State Money Transmission Regulators and State AGs

    State Issues

    On October 16, a national payment processor entered into two settlement agreements totaling $20 million with 44 state and territory money transmission regulators and 50 state and territory attorneys general to resolve issues stemming from alleged erroneous payment transactions.  The alleged erroneous payments involved the mistaken initiation of payments on behalf of almost 480,000 mortgage borrowers, with the total amount at issue totaling nearly $2.4 billion.

    According to the settlement entered into between the payment processor and the money transmission regulators, who were working through the Multi-State Money Service Business Examination Taskforce, the mistaken payments resulted from a breakdown of internal data security controls that allowed customer data intended for use in the testing of processing code to trigger actual payments.  The payment processor, who regularly provided payment processing services to a large residential mortgage lending and servicing company, was using actual customer mortgage payment data for test purposes.  As alleged in the settlement, it was determined that in the process of conducting testing on processing code to optimize the payment processors’ payment platform, more than 1.4 million payment entries were unintentionally and erroneously processed.  This erroneous payment processing was said to be primarily the result of “circumvention of internal data security controls and a lack of segregation between internal production and testing environments.”

    The settlement reached with the money transmission regulators requires the payment processor to maintain a comprehensive risk and compliance program and to provide regular reporting to a state regulator monitoring committee to ensure the adequacy of its risk management programs. 

    Under the terms of the settlement with the money transmission regulators, the payment processor is required to pay a total of $10 million, with approximately $9.5 million of that total being shared evenly by each participating state, with the remaining roughly $500,000 being used to cover the administrative costs of the investigating states.  Under the agreement with the state attorneys general, the payment processor is required to pay an additional $10 million to the various participating states and territories.  These amounts are in addition to the $25 million fine previously agreed to in the CFPB Consent Order, bringing the total amount to be paid by the payment processor to $45 million.

    State Issues Settlement DFPI Enforcement Mortgages

  • California enacts law to extend commercial financing cost disclosure requirement

    State Issues

    On October 7, the California governor signed SB 33 to, among other things, continue to require covered providers offering commercial loans to disclose the total cost of financing expressed as an annualized rate indefinitely. Existing law currently required this disclosure only until January 1, 2024.

    SB 33 is effective January 1, 2024.

    State Issues California State Legislation Commercial Finance Disclosures Consumer Finance

Pages

Upcoming Events