Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On September 27, the FDIC announced its release of a list of administrative enforcement actions taken against banks and individuals in August. According to the press release, the FDIC issued 13 orders, which include “four consent orders; one removal and prohibition order; four civil money penalty orders; two terminations of consent orders; and five section 19 orders.” Notably, the FDIC assessed a civil money penalty against a Texas-based bank for alleged violations of the Flood Disaster Protection Act, including failing to (i) obtain flood insurance coverage on loans at the time of origination, increase, extension, or renewal; (ii) maintain flood insurance coverage for the term of a loan; (iii) follow force-placement flood insurance procedures; or (iv) provide borrowers with notice of the availability of federal disaster relief assistance “in all cases whether or not flood insurance is available under the [National Flood Insurance Act] for the collateral securing the loan.”
On September 25, the CFPB filed a complaint in the U.S. District Court for the District of Maryland against a debt collection entity, its subsidiaries, and their owner (collectively, “defendants”) for allegedly violating the Fair Credit Reporting Act (FCRA), Fair Debt Collection Practices Act (FDCPA), and the Consumer Financial Protection Act (CFPA). In the complaint, the Bureau alleges that the defendants violated the FCRA and its implementing Regulation V by, among other things, failing to (i) establish or implement reasonable written policies and procedures to ensure accurate reporting to consumer-reporting agencies; (ii) incorporate appropriate guidelines for the handling of indirect disputes in its policies and procedures; (iii) conduct reasonable investigations and review relevant information when handling indirect disputes; and (iv) furnishing information about accounts after receiving identity theft reports about such accounts without conducting an investigation into the accuracy of the information. The Bureau separately alleges that the violations of the FCRA and Regulation V constitute violations of the CFPA. Additionally, the Bureau alleges that the defendants violated the FDCPA by attempting to collect on debts without a reasonable basis to believe that consumers owed those debts. The Bureau is seeking an injunction, damages, redress to consumers, disgorgement, the imposition of a civil money penalty, and costs.
On September 23, Department of Treasury Deputy Secretary Justin Muzinich delivered remarks at the 2019 Treasury Market Structure Conference. He discussed broadly the Department’s domestic and international finance priorities, including housing finance reform, digital taxation, cryptocurrency, and securities. Muzinich first addressed Treasury’s housing finance reform plan released September 5 (previously covered by InfoBytes here), stating that the “plan includes nearly 50 recommended legislative and administrative reforms that are incremental, realistic, and balanced, and aim to preserve widespread and affordable access to the 30-year fixed-rate mortgage.” With respect to digital taxation, Muzinich discussed the disproportionate effect of taxing digital businesses’ revenue on U.S. firms, and stated that the Department is actively seeking a multilateral solution. He next addressed several concerns regarding the use of cryptocurrency to evade existing legal frameworks, such as those governing taxation, anti-money laundering, and countering the financing of terrorism. Muzinich emphasized that the existing legal frameworks “apply to digital assets in no uncertain terms,” and referred to guidance released by the Department’s Office of Foreign Assets Control, which clarified that U.S. sanctions compliance obligations are the same regardless of whether a transaction is denominated in digital currency or traditional fiat currency (previously covered by InfoBytes here.) Muzinich noted, however, that there still exist several concerns that the government must consider regarding the effect cryptocurrency has on financial stability, the monetary base, consumer protection and privacy. The Deputy Secretary noted that these issues are being discussed both internationally and domestically. Muzinich closed his remarks by discussing the securities market and announced, among other things, that the Department is working with the Financial Industry Regulatory Authority to begin publicly releasing aggregated data on Treasury volumes, which will ensure that all market participants have access to the same comprehensive data.
On September 25, the U.S. House passed the SAFE Banking Act (H.R. 1595) by a vote of 321-103. As previously covered by InfoBytes, in March, the House Financial Services Committee passed the bipartisan measure, which would provide a safe harbor for depository institutions that provide a financial product or service to a covered business in a state that has implemented laws and regulations that ensure accountability in the marijuana industry.
Additionally, on September 23, a bipartisan group of 21 state attorneys general wrote to members of Congress to urge the advancement of a different piece of legislation that would allow banks to serve marijuana-related businesses in states and territories that have legalized certain uses of marijuana. Specifically, the letter expresses support for the Strengthening the Tenth Amendment Through Entrusting States Act (STATES Act), which “would allow each [s]tate and territory to determine, for itself, the best approach to marijuana legalization within its borders, while at the same time creating protections to ensure that such regulation does not impose negative externalities on those states and territories that choose other approaches.” The AGs emphasize that neither the SAFE Act (S.B. 1028 and H.R. 2093) nor the letter serve as an endorsement of any “particular approach to cannabis policy,” but rather are intended to prevent residents of states and territories that have legalized some form of marijuana from being subjected to “a confusing and dangerous regulatory limbo.” The STATES Act would effectively exempt marijuana from the Controlled Substances Act (CSA) in states where the drug has been legalized. In addition to providing an exemption from the CSA, the STATES Act would reduce businesses’ reliance on cash-only models—which, the AGs argue, make it more difficult to track revenue for tax and regulatory compliance purposes—and provide certain protections for states that choose to operate in this industry.
On September 19, 26 Republican members of the House Financial Services Committee wrote to the OCC, urging the agency to update its interpretation of the definition of “interest” under the National Bank Act (NBA) to limit the impact of the U.S. Court of Appeals for the Second Circuit’s 2015 decision in Madden v. Midland Funding, LLC (covered by a Buckley Special Alert here). The letter argues that Madden deviated from the longstanding valid-when-made doctrine—which provides that if a contract that is valid (not usurious) when it was made, it cannot be rendered usurious by later acts, including assignment—and has “caused significant uncertainty and disruption in many types of lending programs.” Specifically, the letter asserts that the decision “threatens bank-fintech partnerships” that may provide better access to capital and financing to small business and consumers. The letter acknowledges the recently filed amicus brief in the U.S. District Court for the District of Colorado by the OCC and the FDIC, which criticized the Madden decision for disregarding the valid-when-made doctrine and the “stand-in-the-shoes-rule” of contract law (previously covered by InfoBytes here), and requests that the OCC prioritize rulemaking to address the issue.
On September 24, the FTC announced a proposed $23 million settlement with a Belizean bank resolving allegations that it assisted various entities in deceiving U.S. consumers into purchasing parcels of land in a luxury development in Belize. As previously covered by InfoBytes, in November 2018, the FTC filed charges and obtained a temporary restraining order against the operators of an international real estate investment scheme, which allegedly violated the FTC Act and the Telemarketing Sales Rule by advertising and selling parcels of land through the use of deceptive tactics and claims. The FTC asserted that consumers who purchased lots in the development purchased them outright or made large down payments and sizeable monthly payments, including HOA fees, and that defendants used the money received from these payments to fund their “high-end lifestyles,” rather than invest in the development. The FTC argued that “consumers either have lost, or will lose, some or all of their investments.” At the time, the FTC filed separate charges against the Belizean bank for allegedly assisting and facilitating the scam.
According to the FTC, the bank has now agreed to the proposed consent order to settle the allegations. The consent order requires the bank to pay $23 million, which will be used to provide equitable relief, including consumer redress, and to cease all non-liquidation business activities permanently. Additionally, the consent order prohibits the liquidator or anyone else from seeking to re-license and operate the bank’s business. The consent order must be approved by the U.S. District Court for the District of Maryland.
On September 18, the FHFA issued Advisory Bulletin AB 2019-04, which provides guidance to Fannie Mae and Freddie Mac (GSEs) on fraud reporting requirements pursuant to 12 C.F.R. Part 1233 (FHFA Regulation). The Bulletin states that the GSEs are required to notify designees of the Director of the FHFA through the secure methods established by the FHFA within one calendar day from when the GSE discovers fraud or possible fraud that may have a “significant impact” on the GSE. The Bulletin defines “significant impact” as an event that “may create substantial financial or operational risk for the Enterprise, whether from a single event/incident or because it is systemic.” Moreover, the GSEs are required to submit a monthly fraud status report to the FHFA containing instances where they have (i) filed a suspicious activity report (SAR) with the Treasury Department or the Financial Crimes Enforcement Network; or (ii) discovered that the Enterprise purchased or sold a fraudulent loan or financial instrument, or suspects a possible fraud related to the purchase or sale of any loan or financial instrument, and the Enterprise has not filed a SAR. Additionally the GSEs are required to submit quarterly reports summarizing information concerning the GSE fraud risk management environments. The Bulletin is effective January 1, 2020.
On September 17, nine Democratic Senate Banking Committee members wrote to the CFPB in response to its Advanced Notice of Proposed Rulemaking (ANPR) soliciting feedback on amending Regulation Z and the Ability to Repay/Qualified Mortgage Rule (ATR/QM Rule) to minimize disruption from the so-called GSE patch expiration, previously covered by a Buckley Special Alert. The GSE patch confers Qualified Mortgage status for loans purchased or guaranteed by Fannie Mae and Freddie Mac (GSEs) while those entities operate under FHFA conservatorship. The letter urges the Bureau to ensure two things when reexamining the regulation: (i) borrowers maintain the same level of access to responsible, affordable mortgage credit; and (ii) all mortgage underwriting decisions are based on a borrower demonstrating an ability to repay and rely on documentation and use verified income. The Senators request that the CFPB use the ANPR “as an opportunity to ensure the ATR and QM regulations facilitate a mortgage market that provides access to safe, sustainable mortgage credit for all creditworthy borrowers.”
In September, the CFPB published documents related to an investigation into whether a national bank opened credit card accounts without customer authorization in violation of various federal laws and regulations, including the Fair Credit Reporting Act and the Consumer Financial Protection Act’s ban on unfair or abusive practices. In March 2019, the Bureau issued a civil investigative demand (CID) to the bank seeking, among other things, “a tally of specific instances of potentially unauthorized credit card accounts,” as well as a manual assessment of card accounts that were never used by the customer. The bank argued in its petition to modify or set aside the CID that it had already provided information to regulators showing that it did not have a “systemic sales misconduct issue,” and cited to the OCC’s broad review into sales practice issues at mid-size and large national banks, which has not, according to the bank, identified systemic issues with bank employees opening unauthorized accounts without consumer consent. Among other things, the bank also contended that the CID was unduly burdensome—requiring manual account-level assessments—and said the CFPB should end its investigation because the facts “refute an investigation’s initial hypothesis.” The bank further argued that the inquiry into its sales practices should be conducted by CFPB supervisory staff instead of as an enforcement investigation, which would be “the proper mechanism for resolving any remaining issues when an investigation fails to uncover evidence warranting [e]nforcement action.”
Concerning the bank’s argument that the CID was unduly burdensome, the Bureau stated in its order denying the petition that the bank had failed to “meaningfully engage” with the Bureau during the course of the investigation in a way that merited modification to the terms of the CID. Moreover, with regard to whether the investigation should be conducted by supervisory staff, the Bureau countered that “[t]his is not a request properly made in a petition to modify or set aside a CID, for the same reasons that it is not proper to use a CID petition to ask that the Bureau close an investigation because (in the recipient’s view) it has already shown that it engaged in no wrongdoing.”
On September 12, the CFTC issued an order against an Illinois-based futures commission merchant imposing a $1.5 million fine for allegedly failing to protect its systems from cybersecurity threats and not alerting its customers in a reasonable timeframe after a breach occurred. According to the order, the CFTC claims the merchant failed to adequately implement and comply with cybersecurity policies and procedures as well as a written information systems security program, and “policies and procedures related to customer disbursements by its employees.” The CFTC contends that because of these failures the merchant’s email system was breached, which allowed access to customer information and convinced the merchant’s customer service specialist to mistakenly wire $1 million in customer funds. While the merchant approved reimbursement of the funds shortly after discovery, instituted measures to prevent additional fraudulent transfers, and notified regulators the same day, the CFTC alleges it failed to disclosure the breach or the fraudulent wire in a timely manner to current or prospective customers. Under the terms of the order, the merchant must pay a civil money penalty of $500,000 plus post-judgment interest, as well as restitution of $1 million. The merchant’s previous reimbursement of customer funds when the fraud was discovered was credited against the restitution amount.
- Garylene D. Javier to moderate "Innovation in an evolving privacy landscape" at the American Bar Association Business Law Section Consumer Financial Services Committee Winter Meeting
- Buckley Webcast: What’s next for privacy and data security in 2021 and beyond?
- Sasha Leonhardt to discuss "The Servicemembers Civil Relief Act and the Military Lending Act: Enforcement lessons, common pitfalls and emerging issues" at an NAFCU webinar
- H Joshua Kotin to discuss "Diversity & inclusion: Litigation and enforcement" at the Tri-State Mortgage Conference
- Tim Lange to discuss "State legislative impacts of 2020" at the NMLS 2021 Annual Conference
- Daniel R. Alonso to discuss "How to become an AUSA" at the New York City Bar Association Minorities in the Courts Committee “How To” series