Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On June 21, the FTC announced that the U.S. District Court for the District of Connecticut temporarily halted the operation of an alleged credit repair scheme based on allegations the company charged illegal upfront fees and falsely claimed to substantially improve consumers’ credit scores in violation of the FTC Act, the Credit Repair Organizations Act, the Telemarketing Sales Rule (TSR), the Consumer Review Fairness Act, TILA, and the EFTA. According to the complaint, since 2014, the company, among other things, (i) claims they can improve consumers’ credit scores by removing negative items and hard inquiries from credit reports; (ii) charges advance fees for their services; (iii) does not provide the required disclosures for its services, including credit transaction disclosures related to the financing of the service fees; (iv) engages in electronic funds transfers from consumers’ bank accounts without proper authorization; and (v) threatens consumers with legal action after consumers complain about the lack of results. The court order requires the company to temporarily cease its operations and ensures the company’s assets are frozen.
On June 17, the U.S. Court of Appeals for the 9th Circuit held that no showing of irreparable harm is required for the FTC to obtain injunctive relief when the relief is sought in conjunction with a statutory enforcement action where the applicable statute authorizes such relief. According to the opinion, the FTC brought an action against an entity and related individuals (collectively, “defendants”) operating a mortgage loan modification scheme for allegedly violating the FTC Act and Regulation O by making false promises to consumers for services designed to prevent foreclosures or reduce interest rates or monthly mortgage payments. (Previously covered by InfoBytes here.) The FTC brought the action under the second proviso of Section 13(b) of the FTC Act, which allows the agency to pursue injunctive relief without initiating administrative action. The district court granted the motion for preliminary injunction without requiring the FTC to make a showing of irreparable harm.
On appeal, the 9th Circuit rejected the defendants’ argument that the FTC was still required to demonstrate the likelihood of irreparable harm in a Section 13(b) action. The appellate court noted that the FTC’s position is supported by the court’s precedent, quoting “‘[w]here an injunction is authorized by statute, and the statutory conditions are satisfied . . ., the agency to whom the enforcement of the right has been entrusted is not required to show irreparable injury.’” The appellate court concluded that its precedent is not irreconcilable with the 2008 Supreme Court decision in Winter v. Natural Resource Defense Council, Inc, noting that Winter did not address injunctive relief in the context of statutory enforcement. Therefore, the appellate court concluded that although irreparable harm is required to obtain injunctive relief in an ordinary case, the district court did not error in granting injunctive relief, without the showing of irreparable harm, in conjunction with a statutory enforcement action.
On June 12, the FTC announced a settlement under which a software provider agreed to better protect the data it collects, resolving allegations that the company failed to implement reasonable data security measures and exposed personal consumer information obtained from its auto dealer clients in violation of the FTC Act and the Standards for Safeguarding Customer Information Rule, issued pursuant to the Gramm-Leach-Bliley Act.
In its complaint, the FTC alleged the company’s failure to, among other things, (i) implement an organization information security policy; (ii) implement reasonable guidance or training for employees; (iii) use readily available security measures to monitor systems; and (iv) impose reasonable data access controls, resulted in a hacker gaining unauthorized access to the company’s database containing the personal information of approximately 12.5 million consumers. The proposed consent order requires the company to, among other things, implement and maintain a comprehensive information security program designed to protect the personal information it collects, including implementing specific safeguards related to the FTC’s allegations. Additionally, the proposed consent order requires the company to obtain third-party assessments of its information security program every two years and have a senior manager certify compliance with the order every year.
On June 6, the FTC announced that it submitted its 2018 Annual Financial Acts Enforcement Report to the CFPB. The report—which the Bureau requested for its use in preparing its 2018 Annual Report to Congress—covers the FTC’s enforcement activities regarding Regulation Z (the Truth in Lending Act or TILA), Regulation M (the Consumer Leasing Act or CLA), and Regulation E (the Electronic Fund Transfer Act or EFTA). Highlights of the enforcement matters covered in the report include:
- Auto Lending and Leasing. The report discusses two enforcement matters related to deceptive automobile dealer practices. The first, filed in August 2018, alleged that a group of four auto dealers, among other things, advertised misleading discounts and incentives in their vehicle advertisements, and falsely inflated consumers’ income and down payment information on financing applications. The charges brought against the defendants allege violations of the FTC Act, TILA, and the CLA. The FTC sought, among other remedies, a permanent injunction to prevent future violations, restitution, and disgorgement. (Detailed InfoBytes coverage of the filing is available here.) In the second, in December 2018, the FTC mailed over 43,000 checks, totaling over $3.5 million, to consumers allegedly harmed by nine dealerships and owners engaged in deceptive and unfair sales and financing practices, deceptive advertising, and deceptive online reviews. (Detailed InfoBytes coverage is available here.)
- Payday Lending. The report covers two enforcement matters, including the U.S. Court of Appeals for the 9th Circuit’s December 2018 decision upholding the $1.3 billion judgment against defendants responsible for operating an allegedly deceptive payday lending program. The decision is the result of a 2012 complaint in which the FTC alleged that the defendants engaged in deceptive acts or practices in violation of Section 5(a) of the FTC Act by making false and misleading representations about costs and payment of the loans. (Detailed InfoBytes coverage is available here.) The report also indicates that, in February 2018, the FTC issued over 72,000 checks totaling more an $2.9 million to consumers stemming from a July 2015 settlement, that alleged that online payday operators used personal financial information purchased from third-party lead generators or data brokers to make unauthorized deposits into and withdrawals from consumers’ bank accounts, regardless of whether the consumer applied for a payday loan. (Detailed InfoBytes coverage is available here.)
- Negative Option. The report covers six enforcement matters related to alleged violations of the EFTA and Regulation E for “negative option” plans, including three new filings against online marketers for allegedly advertising “free trial” offers for products that enrolled consumers in expensive, ongoing plans without their knowledge or consent. The report notes that, in 2018, the FTC reached a settlement with one entity and obtained a court judgment against another, both resulting in injunctive relief and monetary settlements (which were suspended due to the defendants’ inability to pay). The report also notes that the FTC mailed 2,116 refund checks totaling more than $355,000 to people who bought an allegedly deceptive “memory improvement” supplement.
Additionally, the report addresses the FTC’s research and policy efforts related to truth in lending and leasing, and electronic fund transfer issues, including (i) a study of consumers’ experiences in buying and financing automobiles at dealerships; and (ii) the FTC’s Military Task Force’s work on military consumer protection issues. The report also outlines the FTC’s consumer and business education efforts, which include several blog posts warning of new scams and practices.
On May 24, the FTC announced the launch of a dedicated fintech resource page hosted on the agency’s business center website. The fintech page contains the following materials: (i) guidance, including Safeguards Rule and Privacy Rule compliance information; (ii) videos that will be regularly rotated discussing topics such as artificial intelligence and blockchain; (iii) related posts containing relevant information on small business financing and recent fintech enforcement actions; and (iv) legal resources, including relevant cases and staff reports.
On May 21, the FTC announced a payment processor, its CEO and owner, and two other officers (collectively, “defendants”) agreed to settle charges that they knowingly processed fraudulent transactions to consumers’ accounts in violation of the FTC Act. According to the FTC’s complaint, the defendants allegedly assisted merchants, who were engaged in fraud, in hiding their activities from banks and credit card networks. The defendants allegedly (i) created fake foreign shell companies to open accounts in their names; (ii) submitted dummy websites and other false information to merchant banks; and (iii) worked to evade card network rules and monitoring designed to prevent fraud. The settlement order against the processing company and its CEO imposes a judgment of over $110 million, which is partially suspended due to the inability to pay. The settlement order against one officer imposes a judgment of over $300,000, which is suspended due to the inability to pay. The settlement order against the second officer, the company’s Chief Operating Officer, imposes a $1 million judgment. Each order imposes a permanent ban on the defendants from, among other things, engaging in payment processing and credit card laundering, whether directly or through an intermediary.
On May 22, the FTC published a final rule in the Federal Register rescinding model forms and disclosures promulgated pursuant to the FCRA. The FTC has determined the model forms and disclosures are no longer necessary and the rescission would reduce confusion as the CFPB’s FCRA model forms and disclosures were updated in 2018. Specifically, the final rule rescinds: (i) Appendix A—Model Prescreen Opt-Out Notices; (ii) Appendix D—Standardized Form for Requesting Annual File Disclosures; (iii) Appendix E—Summary of Identity Theft Rights; (iv) Appendix F—General Summary of Consumer Rights; (v) Appendix G—Notice of Furnisher Responsibilities; and (vi) Appendix H—Notice of User Responsibilities. The final rule also makes conforming amendments to FTC rules that reference the applicable forms issued under the FCRA. The rule is effective May 22.
On May 8, the FTC Commissioners participated in a subcommittee hearing before the House Committee on Energy and Commerce entitled, “Oversight of the Federal Trade Commission: Strengthening Protections for Americans’ Privacy and Data Security.” During the hearing, the Commissioners were questioned about the agency’s privacy and data security enforcement and regulatory activities, including whether they would support preemption of state privacy laws by a federal privacy statute. Using the California Consumer Privacy Act (covered by InfoBytes here) as an example, some Congressmen worried about the prospect of conflicting privacy legislation in other states, creating “confusion and uncertainty in the business community.”
Split along party lines, Democratic Commissioners expressed caution with federal preemption of state privacy laws; Commissioner Chopra, citing to federal preemption laws leading up to the mortgage crisis, warned of “unintended consequences.” Democratic Commissioner Slaughter recognized the “desire for uniformity, consistency, clarity, and predictability” that a federal law would provide, but noted that the appropriateness of preemption should be based on “whether a federal law meets or exceeds…the level of protections that states can provide and whether it allows them the opportunity to fill any gaps that may remain after a federal law is developed.” Republican Commissioners stressed the importance of having a federal law that would preempt the current “patchwork” of state laws, which Commissioner Phillips argued is “essential” in order to provide businesses clarity and reduced compliance costs, while also providing consumers with more power to understand expectations. FTC Chairman Simons noted that even if federal law preempts state privacy laws, Congress should grant concurrent enforcement authority to the states’ attorneys general.
The hearing also discussed, among other things, (i) the need for additional resources to increase agency staff focused on privacy issues; (ii) giving the FTC authority to levy civil money penalties, as Section 5 of the FTC act does not allow the Commission to seek civil penalties for first-time privacy violations; and (iii) the need for targeted rule-making authority.
On May 8, the FTC held a forum with members of the small business marketplace to discuss the recent uptick in online loans and alternative financing products, and to analyze the potential for unfair and deceptive marketing, sales, and collection practices in the industry. Opening “Strictly Business: An FTC Forum on Small Business Financing,” FTC Commissioner Rohit Chopra expressed broad concerns about the state of entrepreneurship in the U.S. and the barriers small businesses face when negotiating contracts. Three panels discussed topics including (i) recent trends in the financing marketplace and small business financing products; (ii) the impact of fintech in online lending; (iii) an examination of the risks and benefits of the merchant cash advance industry; and (iv) consumer protection risks and legislative, self-regulatory, and educational efforts to help better protect borrowers.
During the first panel, several industry members discussed the importance of credit and financing products in meeting the capital needs of small businesses who often experience challenges with funding operations and cash management. While traditional bank lending and Small Business Administration (SBA) loans often require lengthy, costly underwriting standards, several panelists noted that new marketplace financing options have created opportunities for small businesses that previously did not exist. Among other things, panelists emphasized that there is a big difference between consumer credit and business credit, and that online lenders are leveraging underlying business data, credit card receivables data, and fundamental underlying business transaction data to make sure small businesses can sustain and service their debt. Funding time is also critical to small businesses with many choosing online lenders for faster access to funds. The panel discussed the benefits of online financing products, such as moving away from including consumer credit scores in the underwriting process and examining nontraditional data to look at cash flow, but also cautioned that there can be a lack of transparency around terms and pricing.
The second panel discussed the merchant cash-advance (MCA) industry, which they described as providing an unregulated form of financing for small businesses in the form of factoring future receivables. Recently, the industry has been scrutinized for alleged collection abuses and use of confessions of judgment (COJs). COJs, which allow lenders to legally seize borrowers’ bank accounts and other assets without a judge’s review, have led to a flood of questionable legal actions against small businesses, according to Commissioner Chopra. However, one of the panelists noted that the FTC limited the ban on COJs to consumers.
The third panel discussed consumer protection risks as well as products and information available for small business borrowers. A key concern amongst several of the panelists was whether business borrowers are sophisticated enough to understand the various options and if they are able to receive the necessary information to shop between products, such as APRs, total costs, and average monthly payments. The panel also discussed federal and state law, as well as self-regulatory efforts, that offer protections for small business borrowers. All agreed that there has been significant action taken at the state level to try to standardize and harmonize these types of lending practices, and while there was support for a national standard, they cautioned that a weaker national standard should not preempt a stronger state standard. Transparent disclosure standards, consumer protection oriented issues such as privacy and data security, as well as deceptive practices, were also discussed, with panelists agreeing that outreach and consumer education is vital in helping consumers make informed decisions.
Director of the FTC’s Bureau of Consumer Protection, Andrew Smith, closed the forum by emphasizing that the FTC has broad authority under the FTC Act to tackle unfair and deceptive practices, and stating that the Commission is very concerned about reports of unfair and deceptive marketing, sales, and collection practices in the small-business finance market. He stressed that while financial technologies can evolve quickly, the underlying legal protections for small businesses remain the same.
On May 2, the FTC announced it completed its review of the Holder Rule (the Rule)—formally called the “Trade Regulation Rule Concerning Preservation of Consumers’ Claims and Defenses”—which is applicable when consumers purchase personal goods or services with money loaned by a merchant or a lender that works with a merchant. The Rule, aimed at preventing businesses from using financing mechanisms to collect debts from consumers in situations where the merchant failed to deliver the goods or services or engaged in fraud or other misconduct, preserves consumers’ right to assert the same legal claims and defenses against anyone who purchases the credit contract as they would have against the seller who originally provided the credit. In 2015, as part of a systematic review of all its rules and guides, the FTC sought public comment on the Rule and received 19 comments in response. All comments urged retaining the Rule, and after review, the Commission determined there was a continuing need for the Rule and the record did not warrant a rulemaking to modify the Rule. As reflected in the notice published in the Federal Register, the FTC’s action confirming the Rule took effect May 2 and is applicable as of April 23.
- Jonice Gray Tucker to discuss "MCCA's blueprint for selling & buying - A pitch workshop for outside counsel" at the Minority Corporate Counsel Association Creating Pathways to Diversity Conference
- Buckley Webcast: Get ready for CCPA
- Daniel P. Stipano to discuss "BSA/AML culture of compliance roundtable" at the FiSCA Annual Conference
- Daniel P. Stipano to discuss "Is there a better way to fight money laundering" at the FiSCA Annual Conference
- Michelle L. Rogers to discuss "What's trending in enforcement" at the Mortgage Bankers Association Annual Convention & Expo
- Kathryn L. Ryan and Moorari K. Shah to discuss "Today's regulatory environment - Are you in the know?" at the Equipment Leasing and Finance Association Annual Convention
- Buckley Webcast: Smoke and mirrors: Navigating the regulatory landscape in banking the marijuana industry
- H Joshua Kotin to discuss "CMS - Components of a successful monitoring program" at the RegList Annual Workshop
- Tim Lange to discuss "Temporary authority to operate - Are you prepared? Hear what the states are doing" at the RegList Annual Workshop
- Sherry-Maria Safchuk to discuss "Cybersecurity" at the RegList Annual Workshop
- Jeffrey P. Naimon to discuss "Hot topics in mortgage origination" at the Conference on Consumer Finance Law Annual Consumer Financial Services Conference
- Jonice Gray Tucker to discuss "Fintech regulatory developments, crypto-assets, blockchain and digital banking, and consumer issues" at the Practising Law Institute Banking Law Institute
- Amanda R. Lawrence to discuss "How to balance a successful (and stressful) career with greater personal well-being" at the American Bar Association Women in Litigation Joint CLE Conference