Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On March 7, the FTC announced a new legal action and a final settlement issued against individuals and their operations for allegedly engaging in schemes that exploit elderly Americans. The actions are part of an enforcement sweep spearheaded by the DOJ in conjunction with, among others, the FBI, the FTC, Immigration and Customs Enforcement’s Homeland Security Investigations, and the Louisiana Attorney General, which—according to a press release issued the same day by the DOJ—is the largest-ever coordinated nationwide elder fraud sweep, involving multiple cases, over 260 defendants, and more than two million allegedly victimized U.S. Citizens, most of whom are elderly.
According to the FTC’s complaint, the company used deceptive tactics to convince consumers, the majority of whom were older, that their computers were infected with viruses in order to sell expensive and unnecessary computer repair services in violation of the FTC Act, the Telemarketing Sales Rule, and the Restore Online Shoppers’ Confidence Act. Specifically, the company allegedly used internet ads to target consumers looking for email password assistance and once they contacted the consumers, the telemarketers would run phony “diagnostic” tests that falsely showed the consumer’s computer was in danger and needed software and services to be fixed. On February 27, the U.S. District Court for the Southern District of Utah, granted a temporary restraining order against the company and its founder.
The FTC also announced a proposed settlement with a sweepstake operation that allegedly bilked consumers out of tens of millions of dollars through personalized mailers that falsely implied that the recipients had won or were likely to win a cash prize if they paid a fee. As previously covered by InfoBytes, the FTC announced the charges against the company in February 2018, alleging that consumers, most of whom were elderly, paid more than $110 million towards the scheme. The final settlement not only requires the operation to turn over $30 million in assets and cash to provide redress to the victims, but also permanently bans the operators from similar prize promotions in the future. The proposed settlement has not yet been approved by the court.
On March 5, FTC Chairman Joseph Simons spoke at the National Association of Attorneys General (NAAG) Winter Meeting to advocate for increased collaboration with state Attorneys General. Noting that such collaboration is critical to the agency’s mission, Simons highlighted FTC consumer protection goals as well as several collaborative efforts, including joint task forces and investigation and enforcement initiatives. Buckley attorneys Michelle L. Rogers, Antonio Reynolds, and Katherine Halliday, co-authors of What To Expect From Increased FTC-State AG Collaboration, discuss how Simons’ pitch to NAAG could turn out to be a useful signal of increased joint FTC-AG enforcement activity in the future.
On March 5, Attorneys General from all 50 states, as well as from the District of Columbia, Guam, Puerto Rico, and the U.S. Virgin Islands, sent a letter to the Senate Committee on Commerce, Science, and Transportation supporting a recently introduced bipartisan bill to combat illegal robocalls. Among other things, S. 151, the Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), would: (i) grant the FCC three years to take action against robocall violations, instead of the current one-year window; (ii) authorize the agency to issue penalties of up to $10,000 per robocall; and (iii) require service providers to implement the FCC’s new call authentication framework. The AGs state that they “are encouraged that the TRACED Act prioritizes timely, industrywide implementation of call authentication protocols,” and note their support for an interagency working group that the bill would establish consisting of members from the DOJ, FCC, FTC, CFPB, other relevant federal agencies, state AGs, and non-federal stakeholders.
On March 5, the Illinois Attorney General announced a lawsuit against a Georgia-based tax preparation business and its Chicago operators alleging the defendants collected more than $1 million in undisclosed fees from consumers from their anticipated income tax refunds for unnecessary tax-related financial products. According to the press release, the Illinois AG alleges that the defendants advertised services to consumers promising, for a $350 fee, tax refunds double their normal size and free cash advances on anticipated refunds. However, the AG alleges the defendants instead extract high, undisclosed, and unauthorized fees from consumers’ refunds without their knowledge. The complaint asks the court to grant a temporary restraining order to shut down the defendants’ operations.
On February 25, the California Attorney General announced a legislative proposal that would amend several aspects of the California Consumer Privacy Act (CCPA). The CCPA was originally enacted in June 2018 (covered by a Buckley Special Alert) and subsequently amended in September 2018 (covered by InfoBytes here). The CCPA, which carries an effective date of January 1, 2020, on most provisions, sets forth various requirements for businesses that collect, transfer, or sell a consumer’s personal information. Under SB 561, which was introduced on February 22, the law would be amended to (i) expand the right of California citizens to bring private legal actions, removing aspects of the law that provided exclusivity to the AG; (ii) remove provisions that would allow companies to request guidance from the California AG on how to comply with the law, instead allowing the AG to publish general guidance; and (iii) would allow enforcement actions to be brought immediately, removing the 30-day cure window.
On February 11, a coalition of 22 Democratic state Attorneys General responded to the CFPB’s proposed policy on No-Action Letters (NAL) and a new federal product sandbox, pushing back on the Bureau’s efforts to provide relief to financial institutions looking to implement new consumer financial products or services. (InfoBytes coverage on the proposal available here.) The Attorneys General argued that the Bureau “has no authority to issue such sweeping immunity absent formal rulemaking” and urged the Bureau to rescind the proposals, which the Bureau had stated were exempt from the notice and comment procedures of the Administrative Procedures Act.
In addition to challenging the Bureau’s authority to establish these policies, the Attorneys General asserted specific concerns with the NAL proposal, including (i) the fact that the proposed NAL policy would make NALs binding on the CFPB indefinitely; (ii) the streamlined application process and 60-day decision window, potentially causing the Bureau to render hasty, uninformed decisions; and (iii) the proposed NAL policy’s purported deviations from the policies of other federal agencies, such as the SEC.
As for the new product sandbox, the Attorneys General viewed the proposed policy as “even more troubling” than the NAL proposal, as it provides immunity from “enforcement actions by any Federal or State authorities, as well as from lawsuits brought by private parties.” The Attorneys General rejected the Bureau’s contention that the statutory safe harbors in TILA, ECOA, and the EFTA grant the authority to provide the broad enforcement relief and accused the Bureau of “abandoning its critical role in monitoring the risk that new and emergency technologies post to consumers in the financial marketplace.”
On February 11, a bipartisan group of 29 state Attorneys General, the District of Columbia Attorney General, and an official from the Hawaii Office of Consumer Protection, responded to the FTC’s request for comment on whether the agency should make changes to its identity theft detection rules (the Red Flags Rule and the Card Issuers Rule), which require financial institutions and creditors to take certain actions to detect signs of identity theft affecting their customers. (Covered by InfoBytes here.)
In their response, the Attorneys General urge the FTC not to repeal the Rules, arguing that it “would place consumers at greater risk of identity theft, especially consumers in states that have not enacted” laws that complement the Rules. Instead, the response letter requests the FTC modify the Rules to “ensure their continued relevance” and “keep pace with the ingenuity of identity thieves.” The suggestions include: (i) that notices of changes to email addresses and cell phone numbers be sent to both the prior and updated addresses and phone numbers, an expansion of the current use of mailing addresses; (ii) the encouragement of more current forms of authentication, including multi-factor authentication, to replace examples which imply that knowledge-based authentication by itself is sufficient; and (iii) the addition of new suspicious activity examples related to the use of an account, such as a covered account accessed by unknown devices or IP addresses, an unauthorized user unsuccessfully trying to guess account passwords through multiple attempts, and attempts by foreign IP addresses to access multiple accounts in a close period of time.
On January 31, the U.S. District Court for the Southern District of New York granted final approval and class certification to a $22 million settlement resolving class action allegations that a national bank improperly charged overdraft fees on “one-time, non-recurring” transactions made with a ride-sharing company. The court found that the bank mischaracterized these one-time charges as recurring transactions, which allowed the bank to charge overdraft fees of $35. Prior to the court’s approval of the settlement, 12 state Attorneys General sent a letter to the court arguing that the agreement’s release of liability to the ride-sharing company was inequitable. The court found, however, that the release “does not compromise the fairness, reasonableness, and adequacy of the settlement,” where, among other things, plaintiffs’ counsel investigated the viability of claims against the ride-sharing company and concluded that litigation against the company could present problems for the proposed class and for individual recovery. The $22 million settlement constitutes 80 percent of all revenues charged by the bank as a result of the overdraft fees. The court also approved $5.5 million in attorneys’ fees and $50,000 in costs.
On January 22, the Florida Attorney General announced a settlement with a car rental automotive group resolving allegations the company did not adequately disclose add-on fees for cashless tolls and other related add-on charges. According to the settlement, the Attorney General launched an investigation after receiving consumer complaints alleging the company did not clearly disclose that consumers would be charged $15 per cashless toll, in addition to the actual toll fees. Additionally, consumers who opted into an add-on product that would allow them to go through cashless tolls without penalty alleged the company misled them regarding that product’s fees. The settlement requires the company to (i) clearly and conspicuously disclose all fees regarding cashless tolls or associated products within written agreements; (ii) provide clear disclosures regarding fees on their website, online reservation system, confirmation emails and at the rental counters; (iii) refund fees paid for tolls or the associated add-on product to consumers who were charged between January 1, 2011 and January 7, 2019, and who submit claim forms; and (iv) provide accurate disclosures on damage waivers. The settlement also prohibits the company from charging consumers for a higher car class when the car class reserved by a consumer is unavailable.
On January 22, a coalition of 14 state Attorneys General submitted a comment letter responding to the FDIC’s Request for Information (RFI) on small-dollar lending. (See previous InfoBytes coverage on the RFI here.) According to the letter, while the coalition welcomes the FDIC’s interest in encouraging FDIC-supervised financial institutions to offer responsibly underwritten and prudently structured small-dollar credit products that are economically viable and address consumer credit needs, the coalition simultaneously raises several legal risks affecting state-chartered banks seeking to enter this space.
- Banks face challenges when entering into relationships with “fringe lenders,” specifically with respect to the potential evasion of state restrictions related to state usury laws, “rent-a-bank” lending, and tribal sovereign immunity. The coalition recommends that the FDIC discourage banks from entering into such relationships.
- State-chartered banks are still subject to state unfair or deceptive acts or practices laws and state-law unconscionability claims. The coalition recommends that the FDIC encourage banks to evaluate consumers’ ability to repay, factoring in conditions such as consumers’ monthly expenses, their ability to repay a loan’s entire balance without re-borrowing, and their “capacity to absorb an unanticipated financial event. . .and, nonetheless, still be able to meet the payments as they become due.” The coalition recommends that the FDIC include the factors banks should consider before extending small-dollar loans to consumers in any guidance that it issues.
- Jonice Gray Tucker to discuss "MCCA's blueprint for selling & buying - A pitch workshop for outside counsel" at the Minority Corporate Counsel Association Creating Pathways to Diversity Conference
- Buckley Webcast: Get ready for CCPA
- Daniel P. Stipano to discuss "BSA/AML culture of compliance roundtable" at the FiSCA Annual Conference
- Daniel P. Stipano to discuss "Is there a better way to fight money laundering" at the FiSCA Annual Conference
- Michelle L. Rogers to discuss "What's trending in enforcement" at the Mortgage Bankers Association Annual Convention & Expo
- Kathryn L. Ryan and Moorari K. Shah to discuss "Today's regulatory environment - Are you in the know?" at the Equipment Leasing and Finance Association Annual Convention
- Buckley Webcast: Smoke and mirrors: Navigating the regulatory landscape in banking the marijuana industry
- H Joshua Kotin to discuss "CMS - Components of a successful monitoring program" at the RegList Annual Workshop
- Tim Lange to discuss "Temporary authority to operate - Are you prepared? Hear what the states are doing" at the RegList Annual Workshop
- Sherry-Maria Safchuk to discuss "Cybersecurity" at the RegList Annual Workshop
- Jeffrey P. Naimon to discuss "Hot topics in mortgage origination" at the Conference on Consumer Finance Law Annual Consumer Financial Services Conference
- Jonice Gray Tucker to discuss "Fintech regulatory developments, crypto-assets, blockchain and digital banking, and consumer issues" at the Practising Law Institute Banking Law Institute
- Amanda R. Lawrence to discuss "How to balance a successful (and stressful) career with greater personal well-being" at the American Bar Association Women in Litigation Joint CLE Conference