Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On March 1, the CFPB released an Issue Spotlight exploring the challenges that recipients of public benefits programs offering cash assistance face when accessing funds through financial products or services. According to the report, financial products used to deliver public benefits, such as Social Security and unemployment compensation, are delivered through various methods—particularly prepaid cards—that may subject consumers to high fees and reduce the amount of funds the individual is able to receive.
The Bureau noted that some prepaid cards charge numerous fees that cut away at a consumer’s available funds. According to the Federal Reserve, $1.3 billion in transaction fees (including maintenance, balance inquiry, customer service, or ATM fees) were collected by prepaid card administrators in 2020. The report also found that due to significant variations in program structure and delivery at the state and county level, the amount and types of fees charged to access cash assistance vary. Additionally, inadequate and untimely customer service often prevents consumers from being able to correct problems with their accounts or access funds, the report said. Consumers highlighted concerns such as having inadequate protections against unauthorized transfers, paying high costs to replace a card, and experiencing insufficient or hypersensitive fraud filters that cause delays and account freezing. The report also flagged concerns about consumers being told to use a prepaid card issued by a particular financial institution, rather than being allowed to deposit funds into an account at an institution of their choice, thereby limiting competition.
The Bureau said it will continue to monitor and take action against entities who violate federal consumer financial protection laws and will share the report’s findings with federal and state agencies that administer public benefits programs.
On August 11, the U.S. District Court for the District of Maryland dismissed a putative class action alleging violations of the EFTA and state privacy and consumer protection laws brought against a national bank on behalf of consumers who were issued prepaid debit cards providing pandemic unemployment benefits. The named plaintiff—a self-employed individual who did not qualify for state unemployment insurance but who was eligible to receive temporary Pandemic Unemployment Assistance (PUA) benefits—alleged that he lost nearly $15,000 when an unauthorized user fraudulently used a prepaid debit card containing PUA funds that were intended for him. The court dismissed the class claims with respect to the EFTA and Regulation E, finding that the Covid-19 pandemic was a “qualified disaster” under applicable law and regulations (i.e. PUA payments were “qualified disaster relief payments”), and that as such, the payments satisfied the CFPB’s official interpretation of Regulation E and were excluded from the definition of a “prepaid account.” The court further explained that while relevant CFPB regulations define an “account” to include a prepaid account, Regulation E excludes “any ‘account that is directly or indirectly established through a third party and loaded only with qualified disaster relief payments.’” Because the prepaid debit card in question was established through a third party and was loaded only with PUA funds, it did not meet the definition of a “prepaid account” and therefore fell outside the EFTA’s definition of a covered account. The court also disagreed with the plaintiff’s contention that PUA payments were authorized by Congress in the CARES Act due to the public health emergency rather than a disaster.
On July 14, the CFPB announced a consent order against a national bank to resolve allegations that the bank engaged in unfair and abusive acts or practices with respect to unemployment insurance benefit recipients who filed notices of error concerning alleged unauthorized electronic fund transfers (EFTs). The CFPB alleged that the bank violated the CFPA by, among other things: (i) determining that “no error had occurred and [by] freezing cardholder accounts based solely on the results of [the bank’s] automated Fraud Filter”; (ii) “retroactively applying its automated Fraud Filter to reverse permanent credits for unemployment insurance benefit prepaid debit cardholders whose notices of error [the bank] had previously investigated and paid”; and (iii) “impeding unemployment insurance benefit prepaid debit cardholders’ efforts to file notices of error and seek liability protection from unauthorized EFTs.” The CFPB also claimed that the bank violated the EFTA and Regulation E by “fail[ing] to conduct reasonable investigations” of cardholders’ notices of error. Under the terms of the Bureau’s consent order, the bank is required to provide redress to harmed consumers, review and reform its unemployment insurance benefit prepaid debit card program, and pay a $100 million civil penalty to the Bureau.
The same day, the OCC announced a consent order and a $125 million civil money penalty against the bank for alleged unsafe or unsound practices related to the same prepaid card program. According to the OCC, the bank, among other things: (i) “fail[ed] to establish effective risk management” over its unemployment card program”; and (ii) “beginning in 2020, denied or delayed many consumers’ access to unemployment benefits when consumers filed or attempted to file [unemployment insurance benefits] unauthorized transaction claims.” The OCC’s civil money penalty and remediation requirement is in addition to the CFPB’s civil money penalty.
California authorizes prepaid accounts to accept publicly administered funds provided no overdraft fees
On October 5, the California governor signed SB 497, which, among other things, amends the definition of a “qualifying account” use for the purposes of depositing certain publicly administered funds. The amendment eliminates prepaid card accounts from the definition of “qualifying account,” and instead authorizes “a prepaid account or a demand deposit or savings account offered by or through an entity other than an insured depository financial institution, as specified, that is not attached to an automatic credit or overdraft feature, unless the credit or overdraft feature has no fee, charge, or cost, or it complies with the requirements for consumer credit under the federal Truth in Lending Act.” Specifically, persons or entities that are not insured depository financial institutions but who offer, maintain, or manage non-“qualifying accounts” are prohibited from soliciting, accepting, or facilitating the direct deposit of the publicly administered funds into the accounts.
On August 16, the CFPB filed its opening brief in the agency’s appeal of a district court’s December 2020 decision, which granted a payment company’s motion for summary judgment and vacated two provisions of the Bureau’s Prepaid Account Rule: (i) the short-form disclosure requirement “to the extent it provides mandatory disclosure clauses”; and (ii) the 30-day credit linking restriction. As previously covered by InfoBytes, the Bureau claimed that it had authority to enforce the mandates under federal regulations, including the EFTA, TILA, and Dodd-Frank, but the district court disagreed, concluding, among other things, that the Bureau acted outside of its statutory authority with respect to the mandatory disclosure clauses of the short-form requirement in 12 CFR section 1005.18(b) by presuming that “Congress delegated power to the Bureau to issue mandatory disclosure clauses just because Congress did not specifically prohibit them from doing so.” In striking the mandatory 30-day credit linking restriction under 12 CFR section 1026.61(c)(1)(iii), the district court determined that “the Bureau once again reads too much into its general rulemaking authority,” and that neither TILA nor Dodd-Frank vest the Bureau with the authority to promulgate substantive regulations on when consumers can access and use credit linked to prepaid accounts. Moreover, the court deemed the regulatory provision to be a “substantive regulation banning a consumer’s access to and use of credit” under the disguise of a disclosure, and thus invalid.
In its appeal, the Bureau urged the U.S. Court of Appeals for the D.C. Circuit to overturn the district court’s ruling, arguing that both the EFTA and Dodd-Frank authorize the Bureau to promulgate rules governing disclosures for prepaid accounts. “The model-clause provision simply ensures that institutions will always have a surefire way of complying with the statute, even when the Bureau’s regulations do not specify how information should be disclosed,” the CFPB said, stressing that “[n]either that provision nor anything else forecloses—let alone unambiguously forecloses—rules requiring disclosures to present specified content in a specified format so that consumers are better able to find, understand, and compare products’ terms.” The decision to adopt such rules, the Bureau added, is entitled to deference. According to the Bureau, the Prepaid Account Rule “does not make any specific disclosure clauses mandatory,” and companies are permitted to use the provided sample disclosure wording or use their own “substantially similar” wording. Additionally, the Bureau argued, among other things, that “[b]y mandating optional model clauses while remaining silent about content and formatting requirements, Congress did not ‘circumscribe the [agency’s] discretion’ to adopt such requirements.” Instead, the Bureau contended, “whether to adopt content and formatting requirements is left ‘to agency discretion.’” Moreover, the disputed requirements “fit comfortably” within its power to regulate disclosure standards under EFTA and Dodd-Frank, the Bureau argued, adding that the law “authorizes the Bureau to ‘prescribe rules to ensure that the features of any consumer financial product or service … are fully, accurately, and effectively disclosed to consumers.’”
On June 1, the U.S. District Court for the Northern District of California issued a preliminary injunction enjoining a national bank from certain actions in administering prepaid debit cards to class member recipients of Employment Development Department unemployment or disability benefits. Under the terms of the preliminary injunction, the bank is prohibited from “considering the results of [its] initial automated fraud claims filter” when investigating or resolving any alleged unauthorized transaction error claims, or from closing claims or denying credit before conducting an investigation, pursuant to EFTA and Regulation E. Class members are also entitled to a written explanation of investigative findings before the bank can deny or close a claim. Additionally, the bank is, among other things, (i) prohibited from considering the results of its claim fraud filter as justification for freezing the card account of any class member; (ii) required to reopen any claims that were closed or denied “based solely” on results of its claim fraud filter if those claims have not already been paid or previously reopened and investigated; (iii) required to provide written notice to class members with blocked accounts explaining that their accounts will be unblocked if they authenticate their identity; and (iv) establish a process for handing class member claims.
On March 31, the CFPB rescinded, effective April 1, the following policy statements, which provided temporary regulatory flexibility measures to help financial institutions work with consumers affected by the Covid-19 pandemic:
- A March 26, 2020, statement addressing the Bureau’s commitment to taking into account staffing and related resource challenges facing financial institutions related to supervision and enforcement activities.
- A March 26, 2020, statement postponing quarterly HMDA reporting requirements. (Covered by InfoBytes here.)
- A March 26, 2020, statement postponing annual data submission requirements related to credit card and prepaid accounts required under TILA, Regulation Z and Regulation E. (Covered by InfoBytes here.)
- An April 1, 2020, statement on credit reporting agencies and furnishers’ credit reporting obligations under the Fair Credit Reporting Act and Regulation V during the Covid-19 pandemic. The Bureau notes that the rescission “leaves intact the section entitled “Furnishing Consumer Information Impacted by COVID-19” which articulates the CFPB’s support for furnishers’ voluntary efforts to provide payment relief and that the CFPB does not intend to cite in examinations or take enforcement actions against those who furnish information to consumer reporting agencies that accurately reflect the payment relief measures they are employing.” (Covered by InfoBytes here.)
- An April 27, 2020, statement affirming that the Bureau would not take supervisory or enforcement action against land developers subject to the Interstate Land Sales Full Disclosure Act and Regulation J for delays in filing financial statements and annual reports of activity. (Covered by InfoBytes here.)
- A May 13, 2020, statement providing supervision and enforcement flexibility for creditors to resolve billing errors during the pandemic. (Covered by InfoBytes here.)
- A June 3, 2020, statement providing temporary flexibility for credit card issuers regarding electronic provision of certain disclosures during the Covid-19 pandemic in accordance with the E-Sign Act and Regulation Z. (Covered by InfoBytes here.)
The rescission also withdraws the Bureau as a signatory to the April 7, 2020, Interagency Statement on Loan Modifications and Reporting for Financial Institutions Working with Customers Affected by the Coronavirus (covered by InfoBytes here), and the April 14, 2020, Interagency Statement on Appraisals and Evaluations for Real Estate Related Financial Transactions Affected by the Coronavirus (covered by InfoBytes here).
Additionally, the Bureau issued Bulletin 2021-01 announcing changes to how it communicates supervisory expectations to institutions. Bulletin 2021-01 replaces Bulletin 2018-01 (covered by InfoBytes here), which previously created two categories of findings conveying supervisory expectations: Matters Requiring Attention (MRAs) and Supervisory Recommendations (SRs). Under the revised Bulletin, the Bureau notes that examiners “will continue to rely on [MRAs] to convey supervisory expectations” but will no longer issue formal written SRs, as the agency believes that MRAs will more effectively convey its supervisory expectations. The Bulletin further states that “Bureau examiners may issue MRAs with or without a related supervisory finding that a supervised entity has violated a Federal consumer financial law.”
On December 30, the U.S. District Court for the District of Columbia granted a payment company’s motion for summary judgment against the CFPB, vacating two provisions of the agency’s Prepaid Account Rule: (i) the short-form disclosure requirement “to the extent it provides mandatory disclosure clauses”; and (ii) the 30-day credit linking restriction. As previously covered by InfoBytes, the company filed a lawsuit against the Bureau alleging, among other things, that the Bureau’s Prepaid Account Rule exceeds the agency’s statutory authority “because Congress only authorized the Bureau to adopt model, optional disclosure clauses—not mandatory disclosure clauses like the short-form disclosure requirement.” The Bureau countered that it had authority to enforce the mandates under federal regulations, including the Electronic Fund Transfer Act (EFTA), TILA, and Dodd-Frank, arguing that the “EFTA and [Dodd-Frank] authorize the Bureau to issue—or at least do not foreclose it from issuing—rules mandating the form of a disclosure.” The Bureau also claimed that its general rulemaking power under either TILA or Dodd-Frank provides authority for the 30-day credit-linking restriction.
With respect to the mandatory disclosure clauses of the short-form requirement in 12 CFR section 1005.18(b), the court concluded, among other things, that the Bureau acted outside of its statutory authority. The court stated that “Congress underscored the need for flexibility by requiring the Bureau to ‘take account of variations in the services and charges under different electronic fund transfer systems’ and ‘issue alternative model clauses’ for different account terms where appropriate” and it could not “presume—as the Bureau does—that Congress delegated power to the Bureau to issue mandatory disclosure clauses just because Congress did not specifically prohibit them from doing so.”
In striking the mandatory 30-day credit linking restriction under 12 CFR section 1026.61(c)(1)(iii), the court determined that “the Bureau once again reads too much into its general rulemaking authority.” First, the court determined that neither TILA nor Dodd-Frank vest the Bureau with the authority to promulgate substantive regulations on when consumers can access and use credit linked to prepaid accounts. Second, the court deemed the regulatory provision to be a “substantive regulation banning a consumer’s access to and use of credit” under the disguise of a disclosure, and thus invalid.
On March 26, the CFPB announced several regulatory flexibility measures to help financial companies work with consumers affected by Covid-19. Specifically, the measures postpone certain industry data collections on Bureau-related rules. These include:
- HMDA. Quarterly information reporting by certain mortgage lenders as required under HMDA and Regulation C will not be expected during this time. However, entities should continue collecting and recording HMDA data in anticipation of making annual submissions. Entities will be provided information by the Bureau on when and how to commence new quarterly HMDA data submissions. (See statement here.)
- TILA. During this time, annual submissions required under TILA, Regulation Z, and Regulation E “concerning agreements between credit card issuers and institutions of higher education; quarterly submission of consumer credit card agreements; collection of certain credit card price and availability information; and submission of prepaid account agreements and related information” will not be expected. (See statement here.)
- Section 1071. A survey seeking information from financial institutions on the cost of compliance in connection with pending rulemaking on Section 1071 of the Dodd-Frank Act has been postponed. As previously covered by InfoBytes, under the terms of a stipulated settlement resolving a 2019 lawsuit that sought an order compelling the Bureau to issue a final rule implementing Section 1071, the Bureau agreed to outline a proposal for collecting data and studying discrimination in small-business lending.
- PACE Financing. A survey of firms providing Property Assessed Clean Energy (PACE) financing to consumers for the purposes of implementing Section 307 of the Economic Growth, Regulatory Relief, and Consumer Protection Act has been postponed.
- Supervision and Enforcement. The Bureau’s policy statement provides “that it does not intend to cite in an examination or initiate an enforcement action against any entity for failure to submit to the Bureau” specified information related to credit card and prepaid accounts. However, the Bureau’s announcement advises entities to “maintain records sufficient to allow them to make delayed submissions pursuant to Bureau guidance.” With respect to operational challenges facing institutions due to Covid-19, the Bureau states that it will work with institutions when scheduling examinations and other supervisory activities to minimize disruption and burden. “[W]hen conducting examinations and other supervisory activities and in determining whether to take enforcement action, the Bureau will consider the circumstances that entities may face as a result of the [Covid-19] pandemic and will be sensitive to good-faith efforts demonstrably designed to assist consumers,” the announcement states.
On December 11, a payments company filed a lawsuit against the CFPB in the U.S. District Court for the District of Columbia alleging that the Bureau’s Prepaid Account Rule (Rule), which took effect April 1 and provides protections for prepaid account consumers, exceeds the agency’s statutory authority and is “arbitrary and capricious” under the Administrative Procedures Act (APA). The company further asserts that the Rule violates its First Amendment rights by requiring it to make confusing disclosures that contain categories not relevant to the company’s products. According to the complaint, the Rule mandates that the company send “short form” fee disclosures to customers that include references to fees for ATM balance inquiries, customer service, electronic withdrawal, international transactions, and other categories, and “prohibits [the company] from including explanatory phrases within the disclosure box to describe the nature of these fee categories.” These disclosures, the company asserts, have confused many customers who mistakenly believe the company charges fees to access funds stored as a balance with the company, to make a purchase with a merchant, or to send money to friends or family in the U.S. The company also claims that the Bureau erroneously lumped it into the same category as providers of general purpose reloadable cards (GPR cards), and argues that the Rule ignores how prepaid cards fundamentally differ from digital wallets, which has resulted in several unintended consequences.
The company asserts that the Rule is unlawful and invalid under the APA and the Constitution for three principal reasons:
- The Rule contravenes the Bureau’s statutory authority by (i) establishing a mandatory and misleading disclosure regime that is not authorized by federal law; and (ii) “impos[ing] a 30-day ban on consumers linking certain credit cards to their prepaid account—a prohibition the law nowhere authorizes the Bureau to impose.”
- Even if the Bureau possesses the statutory authority it claims to have, the rulemaking process was “fundamentally flawed” due to its one-size-fits-all Rule that misunderstands the different characteristics of digital wallets compared to GPR cards. By treating digital wallets as if they are GPR cards, the Rule violates the APA’s reasoned decision-making requirement. Additionally, the Rule is marked by “an insufficient cost-benefit analysis that failed to properly weigh the limited benefits consumers might derive from the Rule against the costs” stemming from the Rule’s changes.
- The Rule violates the First Amendment by failing to satisfy the heightened standard that a law or regulation “directly advances a substantial government interest” because it requires the company to makes certain disclosures that are irrelevant to its digital wallet product. Moreover, the Rule’s disclosure obligations “functionally impair the speech in which [the company] might otherwise engage” by mandating that it provide confusing and misleading disclosures about the nature of its offerings.
The complaint asks that the Rule be vacated and declared arbitrary, an abuse of discretion, not in accordance with the law, and unconstitutional, and additionally seeks injunctive relief, attorneys’ fees and costs.