InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FTC settles with one student loan debt relief operation; seeks separate permanent injunction against another
On November 20, the FTC announced a settlement with operators of a student loan debt relief operation to resolve allegations that the defendants defrauded consumers through programs offering mortgage assistance and student debt relief. Regarding the student debt operations, the FTC alleged that the defendants falsely offered student borrowers reduced monthly payments or loan forgiveness by falsely claiming to be affiliated with the Department of Education. In a 2017 complaint, the FTC alleged that the defendants also falsely promised foreclosure prevention and mortgage relief to distressed homeowners, but instead collected advance fees in violation of the Telemarketing Sales Rule (TSR) and the Mortgage Assistance Relief Services Rule. Among other things, the settlement includes a judgment of more than $9 million—which will be partially suspended once the defendants turn over all assets worth approximately $305,000 because of their inability to pay—and bans the defendants from participating in debt relief and telemarketing activities in the future.
The same day, the FTC also announced it was charging a separate student loan debt relief operation with violations of the FTC Act and the TSR for allegedly engaging in deceptive practices when marketing and selling their debt relief services. According to the complaint, the operators of the scheme—which include a recidivist scammer previously banned from participating in debt relief activities—allegedly “promoted a 96 percent success rate in reducing consumers’ student loan payments.” However, the FTC stated that consumers who purchased the debt relief services and often paid illegal upfront fees “often did not receive any debt relief and lost hundreds of dollars.” On November 13, the U.S. District Court for the Central District of California issued a temporary restraining order and asset freeze at the FTC’s request. The FTC seeks a permanent injunction against the defendants to prevent future violations, as well as redress for injured consumers through “rescission or reformation of contracts, restitution, the refund of monies paid, and the disgorgement of ill-gotten monies.”
Auto lender pays $11.8 million to resolve investigation into add-on product and loan extension program
On November 20, the CFPB announced a settlement with a Texas-based auto lender to resolve allegations that the lender violated the Consumer Financial Protection Act by deceptively marketing an auto-loan guaranteed asset protection (GAP) add-on product and misrepresenting the impact on consumers of obtaining a loan extension. Regarding the GAP add-on product, which was intended to cover a “gap” between the consumer’s primary auto insurance payout and the consumer’s outstanding loan balance in the event of a total vehicle loss, the CFPB alleged that the lender failed to disclose to consumers that if their loan-to-value was greater than 125 percent, they would not receive the “true full coverage” advertised with the GAP add-on product. Regarding extensions of auto loans, the CFPB alleged, among other things, that the lender failed to “clearly and prominently” disclose that interest accrued during a loan extension would be paid before principal when the consumer resumed making payments on the extended loan. Under the order, the lender must, among other things, (i) pay $9.29 million in consumer restitution; (ii) clearly and prominently disclose the terms of the GAP add-on product and loan extension; and (iii) pay $2.5 million in a civil money penalty.
French bank agrees to $1.3 billion settlement to resolve U.S. sanctions investigations
On November 19, the Federal Reserve Board, Office of Foreign Assets Control (OFAC), DOJ, Manhattan District Attorney’s Office, and NYDFS announced that a French bank agreed to pay approximately $1.34 billion in total penalties to resolve federal and state investigations into the bank’s allegedly intentional violation of U.S. sanctions laws and other federal and New York state laws from approximately 2003 to 2013.
The bank entered into a deferred prosecution agreement (DPA) with the U.S. Attorney’s Office for the Southern District of New York to settle charges of conspiring to violate U.S. sanctions against Cuba by “structuring, conducting, and concealing U.S. dollar transactions using the U.S. financial system.” The DPA requires the bank to forfeit more than $717 million. The bank also agreed to “accept responsibility for its conduct by stipulating to the accuracy of an extensive Statement of Facts, pay penalties totaling [$1.34 billion] to federal and state prosecutors and regulators, refrain from all future criminal conduct, and implement remedial measures as required by its regulators.” According to the DOJ, the bank “admitted its willful violations of U.S. sanctions laws—and longtime concealment of those violations—which resulted in billions of dollars of illicit funds flowing through the U.S. financial system.” As factors mitigating the penalty, the DPA acknowledges the bank’s efforts to collect and produce “voluminous evidence located in other countries to the full extent permitted under applicable laws and regulations, and its enhancement of its compliance program and sanctions-related internal controls both before and after it became the subject of a U.S. law enforcement investigation.” Among other factors, the bank’s willingness to enter into the terms of the DPA, outweighed its “failure to self-report all of its violations of [U.S.] sanctions laws in a timely manner.”
The bank also entered into agreements to pay almost $163 million to the New York County District Attorney’s Office, nearly $54 million to OFAC, approximately $81 million to the Federal Reserve Board, and $325 million to NYDFS. Among other things, NYDFS noted that branch employees “responsible for originating USD transactions outside of the U.S. had a minimal understanding of U.S. sanctions laws and regulations as they related to Sudan, Iran, Cuba, North Korea, or other U.S. sanctions targets.”
Separate from the resolution of alleged sanctions violations, NYDFS imposed an additional $95 million penalty to resolve findings that the bank’s New York branch allegedly failed to “implement and maintain an effective Bank Secrecy Act/Anti-Money Laundering Law compliance program and transaction monitoring system.”
According to a bank statement issued the same day, the bank acknowledges and regrets the identified shortcomings, and “has already taken a number of significant steps in recent years and dedicated substantial resources to enhance its sanctions and AML compliance programs.”
SEC announces first settlement with a digital currency exchange
On November 8, the SEC announced its first enforcement action settlement with a digital currency platform for allegedly operating as an unregistered national securities exchange. According to the cease-and-desist order, the founder of the digital currency exchange, who has since sold the exchange to foreign buyers, allegedly violated federal securities laws by providing an online platform for secondary market trading of digital assets, including ERC20 tokens, without registering with the Commission or operating pursuant to a registration exemption. ERC20 tokens are digital assets issued and distributed on the Ethereum Blockchain using the ERC20 protocol, which, according to the SEC, is the standard coding protocol currently used by a significant majority of issuers in initial coin offerings. The order emphasizes that 92 percent of the trades on the exchange took place after the SEC released its Report of Investigation Pursuant To Section 21(a) Of The Securities Exchange Act of 1934: The DAO (the DAO Report) in July 2017, advising that non-exempt digital currency exchanges must register with the Commission. Without admitting or denying the findings, the founder agreed to pay $300,000 in disgorgement plus interest and a $75,000 penalty.
Financial services firm settles SEC allegations of mishandled American Depositary Receipts
On November 7, the SEC announced a settlement with a financial services firm to resolve allegations that the firm mishandled the pre-release of American Depositary Receipts (ADRs)—U.S. securities that represent shares in foreign companies. The SEC noted in its press release that ADRs can be pre-released without the deposit of foreign shares only if: (i) the brokers receiving the ADRs have an agreement with a depository bank; and (ii) the broker or the broker's customer owns the number of foreign shares that corresponds to the number of shares the ADR represents. The SEC alleged that the firm improperly provided thousands of ADRs where neither the broker nor its customers possessed the required shares. According to the SEC’s order, the firm’s alleged practice of allowing pre-released ADRs, that were in many instances not backed by ordinary shares, violated the Securities Act of 1933. The firm has neither admitted nor denied the SEC’s allegations, but has agreed to pay more than $25.1 million in disgorgement and prejudgment interest, along with a $13.5 million penalty. The SEC’s order further acknowledges the firm’s cooperation in the investigation.
Money services business agrees to extend DOJ deferred prosecution agreement; settles FTC order breach
On November 8, the DOJ announced that a money services business has agreed to forfeit $125 million and extend its deferred prosecution agreement (DPA) due to deficiencies in its anti-fraud and anti-money laundering (AML) programs. The global settlement also resolves contempt allegations brought by the FTC related to the violation of a 2009 FTC order, which mandated that the company implement a comprehensive fraud prevention program.
The DOJ filed charges against the company in 2012 for allegedly “willfully failing to maintain an effective AML program and aiding and abetting wire fraud,” including scams targeting the elderly and other vulnerable groups that involved victims sending funds through the company’s money transfer system. In connection with the DOJ’s and company’s joint motion to extend and amend the DPA, the DOJ announced that the company: (i) experienced significant weaknesses in its AML and anti-fraud program; (ii) inadequately disclosed these weaknesses to the government; and (iii) failed to complete all of the DPA’s required enhanced compliance undertakings, resulting in the processing of at least $125 million additional consumer fraud transactions between April 2015 and October 2016. Under the amendment to and extension of the DPA—in effect until May 2021—the company has agreed to, among other things, comply with additional enhanced anti-fraud and AML compliance obligations.
In a related matter, the FTC filed a motion for compensatory relief and modified order for permanent injunction, which alleges that the company failed to adopt and implement a comprehensive fraud prevention program mandated by the 2009 order. The motion indicates that the company has agreed to the entry of an order modifying the 2009 Order to include a broader range of relief, including a requirement to interdict (or block) the transfers of known fraudsters and provide refunds for non-compliance with certain policies or procedures.
DOJ settles with credit union for alleged SCRA violations
On November 2, the DOJ announced a $95,000 settlement with a credit union resolving allegations that the credit union violated the Servicemembers Civil Relief Act (SCRA) by repossessing vehicles owned by servicemembers without first obtaining the required court orders. According to the complaint, which was filed on the same day the settlement was announced, the DOJ launched an investigation into the credit union’s repossession practices after learning of two private complaints filed against the credit union for alleged SCRA violations. Through the investigation, the DOJ discovered additional violations and that the credit union did not have policies and procedures that addressed non-judicial auto repossessions against servicemembers until August 2014. Under the terms of the settlement, the credit union is required to pay $65,000 to compensate affected servicemembers and a civil money penalty of $30,000. In addition, the company must submit its employee SCRA training materials for approval and complete reporting, record-keeping, and monitoring requirements.
FTC settles with online student loan refinance lender for allegedly deceptive marketing
On October 29, the FTC announced a settlement with an online student loan refinance lender resolving allegations the lender violated the FTC Act by misrepresenting in television, print, and internet advertisements how much money student loan borrowers can save from refinancing their loans with the company. The complaint alleges that the lender inflated the average savings consumers have achieved refinancing through the lender, in some instances doubling the average savings by selectively excluding certain groups of consumers from the data. The complaint also alleges that in some instances, the lender’s webpage misrepresented instances where a loan option would result in the consumer paying more on a monthly basis or over the lifetime of the loan, simply stating the savings would be “0.00.” Although the lender did not admit or deny any of the allegations, it agreed to a consent order that requires it to cease the alleged misrepresentations and agree to certain compliance monitoring and recordkeeping requirements.
Notably, Commissioner Rohit Chopra issued a concurring statement in this matter suggesting that in instances where the FTC is unable to obtain monetary remedies, it should seek to partner with other enforcement agencies that have the additional legal authority to obtain monetary settlements from the targets of the FTC enforcement action.
FTC approves final expanded settlement with global ride-sharing company over data breaches
On October 26, the FTC announced its final approval of an expanded settlement with a global ride-sharing company over allegations that the company violated the FTC Act by deceiving consumers regarding the company’s privacy and data practices. Specifically, the company allegedly failed to closely monitor and audit its employees’ internal access to consumer and driver data. Furthermore, the company represented to consumers and drivers that personal information stored in its databases were secure, but, according to the FTC, the company failed to implement reasonable measures to prevent unauthorized access to consumers and driver data maintained by the ride-sharing company’s third-party cloud service provider. In April, the FTC announced it would be expanding the original settlement from August 2017 (previously covered by InfoBytes here), which covered a 2014 data breach, because it was discovered the company failed to disclose a subsequent data breach that occurred in 2016 for more than a year, despite the on-going FTC investigation of the 2014 data breach.
The expanded final settlement subjects the company to civil penalties if it fails to notify the FTC of future incidents involving unauthorized access to data. The settlement also, among other things, requires the company to implement a comprehensive privacy program, including biennial third-party privacy assessments for 20 years.
Bank settles with New York for $65 million over incentive compensation sales program
On October 22, the New York Attorney General announced a $65 million settlement with a national bank to resolve allegations regarding its retail sales business model in violation of the Martin Act and New York common law. The Attorney General had alleged the bank failed to disclose to investors that the success of the bank’s incentive compensation program may encourage certain misconduct.
As previously covered by InfoBytes, in May, the bank announced it reached an agreement in principle to pay $480 million to investors to resolve a consolidated action related to the same issues.