InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Bank settles with New York for $65 million over incentive compensation sales program
On October 22, the New York Attorney General announced a $65 million settlement with a national bank to resolve allegations regarding its retail sales business model in violation of the Martin Act and New York common law. The Attorney General had alleged the bank failed to disclose to investors that the success of the bank’s incentive compensation program may encourage certain misconduct.
As previously covered by InfoBytes, in May, the bank announced it reached an agreement in principle to pay $480 million to investors to resolve a consolidated action related to the same issues.
CFPB imposes $200,000 fine on small dollar lender for deceptive debt collection practices
On October 24, the CFPB announced a settlement with a Tennessee-based small dollar lender, resolving allegations that the lender violated the Consumer Financial Protection Act (CFPA). Specifically, as stated in the consent order, the CFPB alleges that the lender (i) deceptively threatened to sue consumers on time-barred debts; (ii) misled consumers that the lender would report late payments to credit reporting agencies when the lender did not; and (iii) abusively set-off previous loans by telling its employees not to tell check-cashing consumers that it would deduct previous amounts owed from the check proceeds. Consequently, the Bureau alleged that the lender took “unreasonable advantage of the consumers’ lack of understanding” that the lender would take a portion of the check they intended to cash and physically kept the check away from consumers until the transaction was complete, which “nullified” any written set-off disclosures when the consumer signed his or her agreement. In addition to the $200,000 civil money penalty, the consent order requires the lender to (i) pay approximately $32,000 in restitution to consumers, and (ii) establish a compliance plan with detailed steps and timelines for complying with applicable laws.
Illinois Attorney General announces $1.2 million settlement to resolve mortgage fraud allegations
On October 24, the Illinois Attorney General, along with the Illinois Department of Financial and Professional Regulation, announced a settlement with a residential mortgage company for allegations of mortgage fraud by one of the branch managers. According to the press release, the branch manager allegedly (i) placed borrowers who believed they were obtaining a traditional mortgage into a “contract for deed,” which can carry greater financial risks; (ii) failed to provide some borrowers signed copies of their agreements; and (iii) participated in fraudulent loan origination activities. The company agreed to pay $1.2 million in restitution to the Attorney General’s office, which will distribute the proceeds to defrauded consumers.
DOJ settles FCA allegations with mortgage lender for $13.2 million
On October 19, the DOJ announced a $13.2 million settlement with a mortgage lender resolving allegations that the company violated the False Claims Act (FCA) by falsely certifying compliance with the Federal Housing Administration (FHA) mortgage insurance requirements in violation of the False Claims Act (FCA). Specifically, the government alleged that, between 2006 and 2011, the lender failed to follow proper mortgage underwriting and certification rules as a participant in the direct endorsement lender program and knowingly submitted loans for FHA insurance that did not qualify. Additionally, DOJ alleged that the lender “improperly incentivized underwriters and knowingly failed to perform quality control reviews.” Under the direct endorsement lender program, FHA does not review a loan for compliance with FHA requirements before it is endorsed for FHA insurance; accordingly lenders are required to follow rules designed to ensure that they are properly underwriting and certifying mortgages for FHA insurance. This settlement also resolves a related whistleblower lawsuit filed under the FCA, in which the former employee of a related entity will receive approximately $2 million.
FTC announces settlement over tenant-screening FCRA violations
On October 16, the FTC announced that it reached a settlement with a Texas-based company over allegations that it violated the FCRA by failing to take reasonable steps to ensure the accuracy of tenant-screening information furnished to landlords and property managers. The FTC alleges that the company compiled screening reports through an automated system using broad criteria that incorrectly matched applicants to criminal records. Additionally, the company allegedly lacked policies or procedures to assess the accuracy of those results, which led to some renters being turned down for housing. The settlement requires the company to pay $3 million—the largest civil penalty ever assessed by the FTC against a background screening company. In addition, the company must maintain reasonable procedures to ensure consumer reports contain the maximum possible accuracy of information and is subject to compliance, recordkeeping, and reporting requirements.
Japanese bank's U.S. branch and affiliates settle RMBS misconduct claims for $480 million
On October 16, the U.S. Attorney for the Eastern District of New York announced that the U.S. branch of a Japanese bank and several of its affiliates would settle claims related to the bank’s marketing, sale, and issuance of residential mortgage-backed securities (RMBS) in the lead-up to the 2008 financial crisis. In particular, the U.S. Attorney alleged that the bank, among other things, (i) misrepresented the effectiveness of its due diligence loan review procedures and the quality of the RMBS to investors; (ii) overruled due diligence warnings and allowed the securitization of loans that failed to comply with underwriting guidelines without investors’ knowledge; and (iii) continued to work with originators that “had ‘systemic’ underwriting issues and employed ‘questionable’ origination practices.” The bank disputes the allegations and does not admit to any liability or wrongdoing, but agreed to pay a $480 million civil money penalty pursuant to the Financial Institutions Reform, Recovery, and Enforcement Act to resolve the matter.
OFAC reaches settlement with national bank to resolve alleged non-egregious sanctions violations
On October 5, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced an approximate $5.3 million settlement with a national bank for alleged violations of the Cuban Assets Control Regulations, the Iranian Transactions and Sanctions Regulations, and the Weapons of Mass Destruction Proliferators Sanctions Regulations. According to OFAC, the settlement resolves the bank’s potential civil liability for, among other things, allegedly processing net settlement payments for bank clients between January 2008 and February 2012, for which only 0.14 percent were attributable to interests of non-U.S. person entity members that were at various times identified on OFAC’s Specially Designated Nationals List, sanctioned, or located in countries subject to OFAC’s sanctions programs.
In arriving at the settlement amount, OFAC considered factors such as (i) prior to January 2012, the bank did not appear to have in place a process to independently assess participating member entities of the non-U.S. person entity for OFAC sanctions risk, despite allegedly receiving red flag notifications regarding OFAC-sanctioned members; (ii) staff members processing the net settlement transactions may have had actual knowledge of the members; and (iii) the bank is a large, commercially sophisticated financial institution.
OFAC also considered numerous mitigating factors, including (i) managers and supervisors were not aware of the conduct; (ii) the total harm caused was “significantly less than the total value of the transactions”; (iii) the bank cooperated with the investigation and entered into a retroactive agreement to toll the statutes of limitations; and (iv) the bank has implemented several steps as part of its risk-based compliance program to prevent future violations. OFAC also noted that the bank voluntary disclosed the violations, and that the violations constitute a non-egregious case.
International bank settles with DOJ for $765 million regarding alleged RMBS misconduct
On October 9, the U.S. Attorney for the District of Colorado announced that an international bank would settle claims related to the bank’s packaging, securitizing, issuing, marketing and sale of residential mortgage-backed securities (RMBS) in the lead-up to the 2008 financial crisis. In particular, the U.S. alleged that (i) the bank’s due diligence loan review procedures disclosed to investors were not, in certain instances, followed; (ii) bank managers overruled due diligence vendors’ warnings regarding the quality of certain loans included in securitizations; and (iii) the bank misrepresented the quality of the RMBS to investors. The bank disputes the allegations and does not admit to any liability or wrongdoing, but agreed to pay a $765 million civil money penalty pursuant to the Financial Institutions Reform, Recovery, and Enforcement Act to resolve the matter.
CFPB announces settlement with companies that allegedly delayed transfer of consumer payments to debt buyers
On October 4, the CFPB announced a settlement with a group of Minnesota-based companies that allegedly violated the Consumer Financial Protection Act when consumers made payments on debts that the companies had already sold to third parties, and the companies improperly delayed the forwarding of some of those payments to debt buyers. According to the consent order, the companies—whose practices include the purchasing, servicing, collection, and furnishing consumer-report information on consumer loans—partnered with third-party banks to sell merchandise on closed-end or open-end revolving credit. Within a few days, banks originated the loans and sold the receivables to the companies. The companies subsequently serviced the debts and sold the receivables to a third party. For defaulted accounts, the companies charged off the accounts and sold them to third-party debt buyers. According to the Bureau, the companies allegedly failed to notify consumers when their accounts were sold, failed to inform them who now owned the debt, and continued to accept direct pays from consumers. The Bureau contends that between 2013 and 2016, the companies delayed forwarding direct pays for more than 31 days in 18,000 instances, and in 3,500 of those instances, the companies did not forward the payments for more than a year. Moreover, the Bureau asserts that these delays led to misleading collection efforts, including collection activity on accounts consumers had completely paid off. The order requires the companies to pay a civil money penalty of $200,000, and improve their policies and procedures to prevent further violations.
SEC penalizes investment company $1 million for cyber security failings
On September 26, the SEC announced a settlement with an Iowa-based broker-dealer and investment advisement company, which agreed to pay $1 million to resolve allegations that the company violated the Safeguards Rule and the Identity Theft Red Flags Rule arising out of the company’s failure to protect confidential customer information from intrusion. This is the SEC’s first enforcement action charging violations under the Rule. According to the order, intruders were able to access the company’s system by impersonating company contractors, calling the company’s support line, and requesting their passwords be reset. The intruders gained access to the company’s system that contained personally identifiable information for approximately 5,600 customers and obtained unauthorized access to account documents for three customers. The SEC identified weaknesses in the company’s cybersecurity procedures, including failure to terminate the intruders’ access even after the intrusion was flagged and failure to apply its procedures to the systems used by its independent contractors. The order takes into account remedial acts undertaken by the company, including blocking malicious IP addresses and issuing breach notices to affected customers, and requires the company to pay a $1 million penalty and retain an independent consultant to evaluate its compliance with the Safeguards Rule and the Identity Theft Red Flags Rule. The company did not admit nor deny the SEC’s findings.