InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
District Court Grants $30 Million Settlement in Payday Lending Securities Class Action Suit
On September 20, a federal judge in the U.S. District Court for the Eastern District of Pennsylvania issued a memorandum signing off on a settlement between a payday lender and a class of institutional investors, resolving allegations that the lender violated securities laws when it made “materially false and misleading statements” about its financial health and the nature of its U.K. lending practices. According to the plaintiffs, the lender’s misstatements artificially inflated the common stock during the class period (January 28, 2011 through February 3, 2014), so that when the lending practices were revealed, the stock prices declined. Further, the lender allegedly (i) “routinely lent to borrowers without conducting any affordability checks”; (ii) “permitted borrowers to roll over loans that [they] could not afford to repay, enriching [the lender] with fees”; and (iii) presented “loan loss reserves [that] were understated as a result of its poor lending practices, its failure to adequately monitor the quality of its loans, and its failure to properly account for loans that were rolled over.” In 2016, the court granted class certification and the parties reached a settlement after extensive discussions. The final settlement approved in the memorandum creates a settlement fund of $30 million, of which $7.5 million will go towards attorneys’ fees and costs. The court signed a judgment approving the class action settlement the same day.
DOJ Announces Settlement With Financial Institution Over Alleged SCRA Violations Concerning Auto Repossessions
On September 18, the DOJ announced a settlement with a large financial institution resolving allegations that the financial institution had illegally repossessed 164 active-duty servicemembers’ vehicles without first obtaining necessary court orders in violation of the Servicemembers Civil Relief Act (SCRA). The DOJ filed its complaint against the financial institution in the U.S. District Court for the Northern District of Texas the same day the settlement agreement was reached. According to the complaint, the financial institution repossessed the vehicles between 2007 and 2010, when it completed the sale of its automobile lending and servicing arm to a different company. As part of a separate enforcement action against the company that acquired the accounts, the DOJ discovered that the financial institution allegedly violated the SCRA by arranging “for the physical repossession of the automobile and later [selling] the account to [the new company], which attempted to collect fees relating to the unlawful repossession.” Further, the complaint alleges that the financial institution conducted repossessions without SCRA-required court orders, even though the company possessed information “in its own records suggesting that a borrower could be a SCRA-protected servicemember,” or knew that “the borrower was in military service or had received orders to report for military service” and “nevertheless continued repossession efforts and eventually succeeded in repossessing the [servicemembers’] vehicles.”
While the financial institution has denied the allegations, it agreed to compensate affected servicemembers $907,000, 163 of whom are to receive $5,000 each, in addition to the $5,000 previously received as partial compensation from a separate settlement the DOJ reached with the company that acquired the accounts. The remaining impacted servicemember, who did not receive partial compensation, will receive $10,000 from the escrow account. All 164 servicemembers will also receive $500 for “lost equity” and accrued interest. In addition, the financial institution must provide credit repair relief to each affected servicemember and any co-borrowers, and are required to cooperate with an “Independent Settlement Administrator” who will monitor compliance. Further, should the financial institution resume originating or servicing automobile loans, it is required to provide notice to the DOJ every six months of any SCRA or military-related complaint.
House Financial Services Committee Issues Second Interim Report on Bureau’s Role in Fraudulent Accounts Scandal Investigation
On September 19, the Majority Committee Staff of the House Financial Services Committee (Committee) released a second interim report and supporting documents on the investigation of the role the CFPB played in detecting and remedying a major national bank’s practice of opening unauthorized bank accounts. As previously covered in InfoBytes, the first interim report, issued June 6, accused Director Richard Cordray, among other things, of failing to cooperate with the Committee’s “comprehensive investigation.” The second interim report claims the CFPB and Director Cordray failed to comply with the Committee’s repeated requests for documents related to the investigation into the bank’s practices, never conducted its own independent investigation (but, instead, “relied primarily, if not exclusively,” on a third party report), and withheld a crucial Recommendation Memorandum from the Committee for over a year that disclosed analysis of the legal and factual components of the Bureau’s investigation, as well as an evaluation of whether to enter into a settlement. The Committee’s accusations also include claims that Director Cordray allegedly misled Congress about the agency's investigation into the bank’s illegal sales practices and may have “rushed” a settlement with the bank, which resulted in a $100 million fine when it was potentially liable for a statutory civil monetary penalty exceeding $10 billion. Chairman Jeb Hensarling (R-Tex.) said in a press release that “[t]he premature suspension of its investigation means that the CFPB also potentially lost the opportunity to discover recently revealed instances of further consumer harm.”
SEC Reaches Settlement With Investment Adviser for Allegedly Overcharging Clients
On September 14, the SEC announced a settlement in an administrative proceeding against a national bank’s investment adviser subsidiary that allegedly overcharged more than 4,500 clients a total of over $1.1 million for costlier mutual fund share classes that carried 12b-1 marketing and distribution fees when shares of the same mutual funds were available without such fees. The SEC alleged that, from at least December 2011 through approximately June 2015, the investment adviser breached its fiduciary duties, made inadequate disclosures regarding conflicts of interest between the investment adviser and its representatives (who ultimately shared in the gains from the 12b-1 fees as compensation), and did not update its compliance policies and procedures to require its investment adviser representatives to identify or evaluate available share classes. The order cites violations of the Investment Advisers Act of 1940, as well as Rule 206(4)-7. While the investment adviser has neither admitted nor denied the allegations, it has, among other things, agreed to pay a penalty of more than $1.1 million, will provide disgorgement plus interest on any 12b-1 fees that have not yet been refunded to customers, and has been censured.
District Judge Issues Order Against Bi-Weekly Payment Company, Denies Restitution Sought by CFPB
On September 8, a federal judge in the U.S. District Court for the Northern District of California issued an opinion and order against a company after a seven-day bench trial, finding that the company misrepresented its bi-weekly payment program in violation of the Consumer Financial Protection Act (CFPA). As previously covered in InfoBytes, the CFPB filed a complaint in 2015 against the company, its wholly owned subsidiary, and the company’s founder, alleging that the company’s false and misleading marketing practices were abusive and deceptive when it minimized the existence or amount of the program’s setup fee, misled borrowers on the amount of actual savings, and created the impression that the company was affiliated with the lender. The payment program allowed the defendants to contract with borrowers to make their mortgage, credit card, or other loan payments for them. The program automatically debited their accounts every two weeks in an amount equal to one-half of the monthly payment on the loan. This resulted in 26 payments per year, with the extra payments going towards paying down the principal on the loan. The judge granted the $7.9 million civil penalty proposed by the CFPB but denied the restitution of almost $74 million that the CFPB had sought—a full refund of all setup fees—because it found that “the CFPB has not proved that defendants engaged in the type of fraud commonly connoted by the well-worn phrase ‘snake oil salesmen,’” and specifically had “not shown, and could not show, that the [payment] program never provid[ed] a benefit to consumers, or that no fully-informed consumer would ever elect to pay to participate in the program.” The court found that further injunctive relief is warranted but directed the parties to meet and confer to determine the specific terms of the relief. The court noted that the CFPB had only sought civil penalties under the “basic tier” of the CFPA’s civil penalties provision and speculated that the CFPB did not propose higher penalties because it also expected to obtain a large amount of restitution. Nevertheless, the court found that higher penalties for reckless or knowing violations were not warranted because the defendants had taken “affirmative steps such as training, quality control, and seeking legal counsel, in an effort to stay on the right side of the line.”
District Court Grants Preliminary Settlement Approval in SCRA Class Action Suit
On September 13, the U.S. District Court for the Eastern District of North Carolina granted preliminary approval to settle a class-action suit resolving allegations that a national bank overcharged military families on interest and fees related primarily to mortgage and credit card accounts in violation of the Servicemembers Civil Relief Act (SCRA). The order also, in the context of the proposed settlement only, preliminarily certifies the class, which is comprised of members who—after September 11, 2001—were entitled to “additional compensation related to military reduced interest rate benefits from [the bank].” The plaintiffs filed the complaint against the bank in 2015 claiming alleged violations of the SCRA, TILA, and the North Carolina Unfair and Deceptive Trade Practices Act. In May 2016, the court denied the defendants’ motion to dismiss the first amended complaint, and at the end of 2016, the parties agreed to mediation. A second amended complaint—now the operative complaint—was filed just prior to the motion for preliminary approval. While the bank has not admitted any wrongdoing, it has agreed to refrain from using an “interest subsidy method for interest benefits calculations for a five-year period,” which, plaintiffs pleaded, can lead to higher costs.
According to the terms of the memorandum in support of the motion for preliminary approval, class members will receive payments based on the strength of their individual claims, considering such factors as: (i) loan type; (ii) whether they previously received remediation from the bank, and how much; and (iii) the eligible period for interest rate refunds. The memorandum further stipulates that approximately $15.4 million of the nearly $42 million overall settlement will be provide to class members who have not received or deposited any payments from the bank. Unclaimed amounts from the first round will be pooled with the remainder of the settlement to be allocated as outlined in the distribution plan. A final approval hearing is scheduled for February of next year.
FTC Announces First EU-U.S. Privacy Shield Enforcement Actions Over False Certification Claims
On September 8, the FTC announced settlements with three companies over allegations that they falsely claimed certification to take part in the European Union-U.S. Privacy Shield (EU-U.S. Privacy Shield) framework. These settlements mark the FTC’s first EU-U.S. Privacy Shield enforcement actions. In July 2016, the EU finalized and adopted the EU-U.S. Privacy Shield Framework, which established a mechanism for companies to transfer consumer data between the EU and the U.S. in compliance with specified obligations. (See previous InfoBytes summary here.) In separate complaints, the FTC alleges that a human resources software company, a printing services company, and a company that manages real estate leases for wireless companies, violated the FTC Act by falsely claiming that they were certified to participate in the EU-US Privacy Shield without having completed the certification process. According to the terms of the settlements as summarized in the FTC press release, the companies are all banned from “misrepresenting the extent to which they participate in any privacy or data security program sponsored by the government or any self-regulatory or standard-setting organization and must comply with FTC reporting requirements.”
CFPB Issues Consent Order to Online Lead Aggregator, Settles Separate 2016 Lead Aggregator Action
On September 6, the CFPB ordered an online loan lead aggregator to pay $100,000 for its alleged involvement in selling leads to small-dollar lenders and installment loan purchasers who then extended loans that were void in whole or in part under the borrower’s state laws. The consent order alleges that the California-based company knew the state of residence for each lead sold, yet “regularly sold [l]eads for consumers located in states where the resulting loan was void or the lender had no legal right to collect the principal, interest, or fees from the consumer based on state-licensing requirements or interest-rate limits.” The order also claims that, because the company knows the identity of each purchaser prior to the sale of the loan, it should also know (i) whether the purchaser is likely to comply with the state laws, or (ii) whether the leads it sells will result in loans exceeding state usury interest rate limits or fail to be in compliance with the consumer’s state laws. Pursuant to the consent order, in addition to the $100,000 civil money penalty, the company must (i) “undertake reasonable efforts to ensure” leads do not result in loans that are void under the laws of the consumer’s state; (ii) obtain, among other things, copies of licenses required by each state for its end users “where the absence of such a license would render a loan void in whole or in part under the laws of that state”; (iii) implement procedures for reviewing loans that result from its leads to ensure compliance with privacy and other laws; (iv) establish a policy to prohibit lenders from making loans that are likely to result in loans that are void under the consumer’s state-licensing requirements or interest-rate limits and “refrain from conveying” leads for such loans; and (v) submit registration for the Bureau’s Company Portal.
On the same day, the CFPB also entered into a $250,000 settlement with the company’s president and primary owner for his alleged actions cited in a 2016 complaint involving his role as the operator of a different online lead aggregator. (See previous InfoBytes summary here.) In addition to the civil money penalty, the president has agreed to (i) make efforts to guarantee that all loans offered to consumers are valid in the states where they live; (ii) ensure that there is no misleading, inaccurate, or false information contained in the consumer-facing content of all lead generators from which leads are accepted; and (iii) require all lead generators to “prominently disclose to consumers an accurate description” of how leads will be received, conveyed, and processed. The president has neither admitted nor denied the CFPB’s allegations.
FTC Announces Two Separate Settlements to Resolve Allegedly Deceptive Telemarketing Schemes
On September 1, the FTC issued a press release announcing a settlement with a Utah-based operation and its owner (Defendants) to resolve allegations that the company had created merchant accounts to help telemarketers process consumer credit card transactions in violation of the Federal Trade Commission Act (FTC Act) and the Telemarketing Sales Rule (TSR). According to the complaint, Defendants nominated individuals to serve as “principals” of straw companies, which then were used to open merchant accounts to assist telemarketers who did not meet the requirements or standards for opening the accounts on their own. The telemarketers, in turn, allegedly deceived consumers by making false promises regarding business opportunities that they claimed would generate substantial income, and processed credit card payments from consumers using the straw company merchant accounts for the allegedly “worthless opportunities.” Under the terms of the order, Defendants are permanently banned from the payment processing business, including acting as an independent sales organization or sales agent, and must pay a judgment of more than $3 million. The FTC suspended the judgment due to the Defendants’ inability to pay, but noted that it “will become due immediately if [Defendants] are found to have misrepresented their financial condition.”
Separately on August 31, the FTC announced that a default judgment had been issued in a pending action brought against the operators of a deceptive telemarketing scheme who allegedly targeted Spanish-speaking consumers by pretending to be affiliated with the Peruvian government and deceived consumers by giving the impression that the calls were from emergency responders or by people the consumers had provided as references. The allegations, which violated the FTC Act and the TSR, claimed that consumers were presented opportunities to participate in language courses at discounted prices and were misled about prizes they had won. When consumers declined to participate or cancelled delivery of the prizes, the telemarketers made “false and threatening” claims of “legal or financial consequences,” allegedly posing as lawyers or government officials. Under the terms of the default judgment, the telemarketers (i) are ordered to pay $6.3 million as equitable monetary relief; (ii) are banned from telemarketing activities; and (iii) prohibited from misrepresenting material facts.
FTC and 32 States Settle Charges with Computer Manufacturer Concerning Preinstalled Software that Allegedly Compromised Online Security
On September 5, the FTC announced that, along with 32 state attorneys general, it had entered into a consent order with a global computer manufacturer to settle charges that it had preloaded advertising software on certain laptops that compromised consumers’ security protections. According to a complaint filed by the FTC, as well as complaints filed by the state attorneys general (see New Jersey Attorney General’s complaint), the manufacturer allegedly began selling the preloaded laptops beginning in August 2014. The software program—using a technique known as a “man-in-the-middle”—was able to access and collect consumers’ personal information that was transmitted over the internet, including login credentials, social security numbers, financial details, medical information, and email communications, without the consumers’ permission. The process entailed replacing the security certificates of visited encrypted websites with the software’s own certificates that could be easily compromised. The digital certificate substitution created multiple security vulnerabilities, which, among other issues, prevented consumers’ browsers from warning users if they visited “potentially spoofed or malicious websites with invalid digital certificates.” The FTC noted in its complaint that “[t]his practice violated basic encryption key management principles because attackers could exploit this vulnerability to issue fraudulent digital certificates that would be trusted by consumers' browsers.”
According to the complaints, the manufacturer allegedly (i) did not disclose to consumers prior to purchase that the problematic software had been installed; (iii) failed to warn consumers about the security vulnerability; and (iii) unfairly preinstalled software, which acted as a “man-in-the-middle” between consumers and visited websites—all of which are violations of state consumer protection laws and the Federal Trade Commission Act. The complaints further alleged that the manufacturer failed to provide consumers with an easy way to effectively opt out of the preinstalled software.
The terms of the FTC consent order stipulate the following: (i) the manufacturer is prohibited from making misleading representations about any software feature; (ii) consumers must affirmatively grant consent before this type of software may be installed, and the manufacturer must provide instructions for consumers to revoke consent or opt out; and (iii) a comprehensive software security program must be developed and implemented to address new and existing software security risks and will be subject to third-party biennial assessments for the next 20 years. The judgment reached with the state attorneys general also imposes a $3.5 million settlement to be divided between the states.