InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FTC settles credit card laundering lawsuit
On March 9, the FTC entered into a settlement with a credit card merchant and its individual officer (collectively, “defendants”) relating to an allegedly deceptive credit card telemarketing operation. According to the FTC’s amended complaint, the defendants violated the FTC Act and the Telemarketing Sales rule by assisting a telemarketing company in masking its identity by processing the company’s credit card payments through multiple fictitious companies. The FTC previously had banned the telemarketing company from selling fraudulent “work-at-home” opportunities in 2015. The settlement, among other things, prohibits the defendants from processing payments or acting as an independent sales organization. The order also stipulates a judgment of approximately $1.3 million, which will be suspended unless it is determined that the financial statements defendants submitted to the FTC contain any inaccuracies.
FDIC fines Delaware-based bank for unfair and deceptive practices
On March 7, the FDIC announced that a Delaware-based bank agreed to settle allegations of unfair and deceptive practices in violation of Section 5 of the Federal Trade Commission Act for assessing transaction fees in excess of what the bank previously had disclosed. The FDIC also found that the bank’s practices violated the Electronic Funds Transfer Act, the Truth in Savings Act, and the Electronic Signatures in Global and National Commerce Act. According to the FDIC, from December 2010 through November 2014, the bank overcharged transaction fees to consumers who used prepaid and certain reloadable debit cards to make point-of-sale, signature-based transactions that did not require the use of a personal identification number. The transaction fees allegedly exceeded what the bank had disclosed to consumers. Under the terms of the settlement order, the bank will, among other things, (i) establish a $1.3 million restitution fund for eligible consumers; (ii) prepare a comprehensive restitution plan and retain an independent auditor to determine compliance with that plan; and (iii) provide the FDIC with quarterly written progress reports detailing its compliance with the settlement order. The settlement also requires the bank to pay a civil money penalty of $2 million.
Virginia Attorney General sues pension sale lender who targeted retired veterans and government employees; obtains full restitution for customers of online lender
On March 7, the Virginia Attorney General took action against Delaware- and Nevada-based installment lenders (defendants) for allegedly making illegal loans with excessive annual interest rates that were disguised as “lump sum” cash payouts to Virginia consumers, in violation of the Virginia Consumer Protection Act (VCPA). According to the complaint, the defendants disguised the high interest loans to Virginia pensioners as “Purchase and Sale Agreements” involving a “sale” or “pension advance” in an effort to bypass consumer lending laws, including TILA and Regulation Z disclosure requirements. Furthermore, the complaint alleges that the loans charged interest rates as high as 183 percent, far exceeding the state’s 12 percent annual usury cap, but because they were misrepresented as sales, defendants avoided potential private actions brought by consumers to recover excessive interest payments. The complaint seeks injunctive and monetary relief.
Separately, on February 23, the Virginia Attorney General announced a settlement with a group of affiliated online lenders and debt collectors (defendants) to resolve violations of the VCPA through the offering of unlawful open-end credit plan loans and engaging in illegal debt collection practices. According to the Assurance of Voluntary Compliance approved earlier in February, between January 2015 through mid-June 2017, the defendants (i) offered open-end credit plan loans and imposed bi-monthly “service fees” that—when calculated with the advertised interest—greatly increased the loan’s cost and exceeded the state’s 12 percent annual limit; (ii) imposed illegal finance charges and other service fees on borrowers during the required 25-day grace period; (iii) contacted consumers in an effort to collect on these loans; and (iv) contacted the consumers' employers to implement wage assignments and garnish wages from consumers' paychecks. Under the terms of the settlement, defendants will provide nearly $150,000 in restitution and debt forgiveness, pay $105,000 in civil penalties and attorneys’ fees, and are permanently enjoined from consumer lending and debt collection activities in the state.
New York Attorney General settles HIPAA allegations with a health insurance company
On March 6, the New York Attorney General announced a settlement with a healthcare provider for an alleged violation of the Health Insurance Portability Accountability Act (HIPAA) concerning a mailing error, which resulted in the disclosure of over 80,000 social security numbers. According to the announcement, in October 2016, the healthcare provider discovered that its mailing envelopes for certain health policies inadvertently included the customers’ social security numbers as part of the “Health Insurance Claim Number” printed on the envelope. Under the terms of the settlement, the healthcare provider is required to pay a $575,000 fine, review its policies and procedures, and implement a corrective action plan which includes an analysis of the security risks associated with the mailing of policy documents.
International bank settles with New York Attorney General for $500 million for RMBS misconduct
On March 6, the New York Attorney General announced a $500 million settlement with an international bank to resolve allegations of misrepresentations in the sale of residential mortgage-backed securities (RMBS), in violation of New York’s Martin Act and Section 63(12) of New York’s Executive Law. According to the settlement agreement, the investigation focused on 44 securitizations sold by the bank between 2006 and 2007. In addition to the alleged misrepresentations in the offering documents, the bank also included loans in the sales portfolio that due diligence vendors warned did not comply with underwriting guidelines. The $500 million settlement includes $100 million in damages to New York State and $400 million to consumer relief programs.
As previously covered by InfoBytes, the bank recently settled with the California Attorney General for misrepresentations while selling RMBS to California’s public employee and teacher pension fund.
FTC announces resolution of an action against the final defendant in a debt collection operation
On March 5, the FTC announced that the U.S. District Court for the Middle District of Florida entered a default judgment against the final defendant of a debt collection operation accused of violating the FTC Act and Fair Debt Collections Practices Act by allegedly posing as lawyers and threating individuals with lawsuits or prison time if they failed to pay debt they did not actually owe. (See InfoBytes coverage here on previously issued order against three other co-defendants.) Under the terms of the January 23 order, the defendant is prohibited from, among other things, (i) engaging in debt collection activities; (ii) buying or selling consumer or commercial debt; (iii) misrepresenting material facts regarding financial-related products or services; (iv) misrepresenting an affiliation with an attorney or law firm; (v) disclosing, using, or benefiting from consumers’ personal information; and (vi) improperly disposing of consumers’ information. In addition, the court assessed a $702,059 fine, jointly and severally with the co-defendants.
Online payments system company settles FTC privacy, security, and money transfer allegations
On February 23, the FTC announced a proposed settlement with a global online payments system company (company) to resolve a complaint filed in 2016 concerning allegations that its payment and social networking service (service) violated the FTC Act when it, among other things, failed to adequately disclose to consumers that transfers to external bank accounts were subject to review and that funds could be frozen or removed based on a review of the underlying transaction. According to FTC allegations, many consumers who relied on notifications from the service that funds were available for transfer found themselves unable to pay rent or other bills. In some instances, the service reversed transactions after initially notifying consumers the funds were available. Additionally, the service allegedly violated the Gramm-Leach-Bliley Act’s Privacy and Safeguard Rules (GLBA Rules) by misleading consumers about protections for their accounts when it claimed to use “bank-grade security systems” and failed to have a written security program or implement basic security safeguards. As a result, the FTC claims unauthorized users were able to, in certain cases, withdraw funds from consumer accounts or change passwords and/or associated email addresses without consumers being notified.
Under the proposed settlement, the company—which did not admit or deny liability and is not required to pay a fine—has agreed that it will not misrepresent any material restrictions on the use of its service, the extent of control provided by any privacy settings, and the extent to which it “implements or adheres to a particular level of security.” The company will also, among other things, make certain disclosures to consumers about its transaction and privacy practices, obtain biennial third-party assessments of its compliance with these rules for 10 years, and refrain from violating any provisions of the GLBA Rules.
International bank and head trader settle with SEC for CMBS fraud
On February 12, the Securities Exchange Commission (SEC) announced that it reached an agreement with an international bank and its former head trader for allegedly selling commercial mortgage-backed securities (CMBS) to customers by using false and misleading statements. The bank has agreed to repay more than $3.7 million to the affected customers According to the order, the bank misled customers about the original purchase price of the CMBS and failed to institute proper compliance and surveillance procedures in order to detect and prevent the misconduct. Additionally, the order states that the bank’s former head trader failed to properly supervise the traders making the allegedly false statements and failed to take appropriate action when he became aware of the statements.
In addition to the customer repayment, the bank has agreed to pay a $750,000 civil money penalty to the SEC, while the former head trader has agreed to a $165,000 civil money penalty and a 12-month suspension from the securities industry. According to the SEC, the settlement amounts reflect substantial cooperation by both parties during the investigation and remedial efforts taken by the bank to improve surveillance and compliance controls. Both parties consented to the order without admitting or denying the findings.
Virginia attorney general announces $2.7 million settlement with internet lender
On February 7, Virginia’s Attorney General, Mark R. Herring, announced a $2.7 million settlement with a Virginia affiliate of a New York-based internet lender to resolve alleged violations of the Virginia Consumer Protection Act (VCPA). According to the announcement, between January 2017 and July 2017, the online lender (i) offered installment loans with interest rates as high as 359 percent without qualifying for an exception to the state’s 12 percent interest cap; (ii) falsely claimed it was licensed by Virginia’s Bureau of Financial Institutions; and (iii) charged state residents an unlawful check-processing fee of $15 for payments made by check on closed-end installment loans. The attorney general’s office stated that the settlement requires the lender to disgorge more than $2 million in illegal interest payments received, provide over $300,000 in refunds to affected state consumers, and pay the state $30,000 in civil money penalties, costs, and fees. The settlement also contains a permanent injunction that prohibits the lender from misrepresenting its status as a licensed Virginia lender.
$368 million penalty assessed against California branch for BSA/AML deficiencies
On February 7, the OCC and DOJ announced settlements with a Netherlands-based lender’s California branch, in which the branch pled guilty to one count of conspiracy to defraud the U.S. Government for impeding and obstructing a 2012 OCC examination when it concealed deficiencies in its Bank Secrecy Act and anti-money laundering (BSA/AML) compliance programs. According to the DOJ’s press release, the branch will pay over $368 million as a result of allowing “hundreds of millions of dollars in untraceable cash, sourced from Mexico and elsewhere, to be deposited into its rural bank branches” without conducting adequate BSA/AML review, and for conspiring with several former executives to hide information from OCC officials during the 2012 examination. Among other things, the plea agreement states that the branch “created and implemented a number of policies and procedures that prevented adequate investigations into suspicious customer activity,” which included (i) creating a “Verified List” of customers whose transactions needed no further review even if there was a change in the customer’s activity from when it was verified; and (ii) instructing BSA/AML staff to “aggressively increase the number of bank accounts on the Verified List.” Further, the branch admitted it failed to both monitor and conduct adequate investigations into these transactions and submit suspicious activity reports to the Financial Crimes Enforcement Network, as required by the BSA. Additionally, in an effort to conceal deficiencies in its BSA/AML program, the branch demoted or terminated two employees who risked “contradicting” the branch’s findings. Two months before the branch's guilty plea, a former executive entered into a deferred prosecution agreement for his role in the misconduct, and agreed to cooperate with the DOJ's continuing investigation.
As part of the plea agreement, the OCC announced it had terminated a December 2013 consent order entered into with the branch over its BSA/AML failures and stated, “the OCC has determined that the bank has implemented all of the corrective actions required by the 2013 consent order and has achieved compliance with the requirements set forth in that order.” On February 6, the branch agreed to pay $50 million civil money penalty to the OCC, which will be credited towards the overall amount assessed by the DOJ.