Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On January 14, NYDFS Superintendent Linda Lacewell announced that former Deputy Director of the CFPB, Leandra English, will serve as Special Policy Advisor to the Department. In her role, English will report directly to Lacewell and will manage and develop NYDFS’ policy initiatives involving consumers, financial services, and other issues. English will also be responsible for spearheading NYDFS’ policy development and analysis process, and assisting in the identification of common regulatory trends and risks across industries.
On January 15, Paul Clement, the lawyer selected by the U.S. Supreme Court to defend the leadership structure of the CFPB, filed a brief in Seila Law LLC v. CFPB arguing that Seila Law’s constitutionality arguments are “remarkably weak” and that “a contested removal is the proper context to address a dispute over the President’s removal authority.” First, Clement stated that “there is no ‘removal clause’ in the Constitution,” and that because the “constitutional text is simply silent on the removal of executive officers” it does not mean there is a “promising basis for invalidating an Act of Congress.” Moreover, the Constitution leaves it to Congress to decide “all manner of questions about the organization and structure of executive-branch departments and officers,” Clement wrote. Second, Clement disagreed with the argument that Congress cannot impose modest restrictions on the President’s ability to remove executive officers, so long as the President is the one exercising the removal powers. Third, Clement noted that in the past, the Court has repeatedly upheld the ability to place permissible restrictions on a President’s removal authority.
Clement further contended, among other things, that the dispute in Seila is “not just unripe, but entirely theoretical.” He referenced the Bureau’s brief filed last September (covered by InfoBytes here), in which the CFPB argued that the for-cause restriction on the President’s authority to remove the Bureau’s single director violates the Constitution’s separation of powers, and noted that “[w]hatever was true when this suit was first filed, the theory of the unitary executive appears alive and well in the Director’s office.” Rather, Clement stated, the Court should wait for an instance where a CFPB director has been fired for something short of the “inefficiency, neglect of duty, or malfeasance in office” threshold that Congress set for dismissing a CFPB director in Dodd-Frank before ruling on the question. Clement also emphasized that “text, first principles and precedent” all “strongly support” upholding the U.S. Court of Appeals for the Ninth Circuit’s decision from last May, which deemed the CFPB to be constitutionally structured and upheld a district court’s ruling enforcing Seila Law’s compliance with a 2017 civil investigative demand.
As previously covered by InfoBytes, the 9th Circuit held that the for-cause removal restriction of the CFPB’s single director is constitutionally permissible based on existing Supreme Court precedent. The panel agreed with the conclusion reached by the U.S. Court of Appeals for the D.C. Circuit majority in the 2018 en banc decision in PHH v. CFPB (covered by a Buckley Special Alert) stating, “if an agency’s leadership is protected by a for-cause removal restriction, the President can arguably exert more effective control over the agency if it is headed by a single individual rather an a multi-member body.”
The parties in Seila filed briefs last December. While both parties are in agreement on the CFPB’s single-director leadership structure, they differ on how the matter should be resolved. Seila Law argued that the Court should invalidate all of Title X of Dodd-Frank, whereas the Bureau contended that the for-cause removal provision should be severed from the rest of the law in accordance with Dodd-Frank’s express severability clause. Oral arguments are scheduled for March 3. (Previous InfoBytes coverage here.)
On January 14, the FDIC again published a notice and request for comments in the Federal Register on innovation pilot programs. The FDIC first solicited comments on innovation pilot programs in November, with comments due by January 6. As no comments were submitted, the agency is once again requesting comments on the programs, which, as previously covered by InfoBytes, it hopes will spur collaboration “with innovators in the financial, non-financial, and technology sectors to, among other things, identify, develop, and promote technology-driven innovations among community and other banks in a manner that ensures the safety and soundness of FDIC-supervised and insured institutions.”
Comments must be received by February 13.
On January 12, the U.S. District Court for the Northern District of California dismissed one of plaintiffs’ causes of action and concluded that only two of the 67 public statements the plaintiffs identified in support of their securities fraud causes of action against a large bank and its former CEO (defendants) related to the defendants “collateral protection insurance (CPI) … practices for auto loan customers” were actionable. The plaintiffs alleged that while, in July 2016, the defendants learned of irregularities with respect to the CPI and, by September 2016, discontinued the program, the defendants did not disclose information on the CPI program’s issues until July 2017, after which time, the defendants’ stock price dropped. The plaintiffs then filed suit based on 67 public statements made by the defendants prior to that time, which the plaintiffs alleged the defendants knew were “false or misleading” and resulted in the bank’s stockholders losing money.
Upon review, the court found that 65 of the 67 public statements, on which the plaintiffs’ causes of action were based were not actionable. The two statements that the court found may support the plaintiffs’ causes of action were those made by the defendants when they were specifically asked whether they knew about “potential misconduct outside of the already disclosed improper retail banking sales practices” and, each time, “failed to disclose the CPI issue….” With respect to the two statements, the court found that the plaintiffs had “met [their] burden under the PSLRA (private securities litigation reform act)” to show a “strong inference that the defendant acted with the required state of mind,” and that the plaintiffs “adequately pleaded loss causation.” According to the opinion, the defendants did not challenge the plaintiffs’ contentions about the two alleged misstatements’ connection to the purchase or sale of the defendants’ securities, or that the plaintiffs relied on the misstatements or omissions and experienced economic losses as a result.
On January 10, the FTC announced that it entered into two settlement agreements: one with a call center and two individuals, and one with an additional individual (together, “the settling defendants”) that it claims made illegal robocalls to consumers as part of a cruise line’s telemarketing operation allegedly aimed at marketing free cruise packages to consumers. According to the two settlements (see here and here), the settling defendants “participated in unfair acts or practices in violation of . . . the FTC Act, and the FTC’s Telemarketing Sales Rule [(TSR)]” by “(a) placing telemarketing calls to consumers that delivered prerecorded messages; (b) placing telemarketing calls to consumers whose telephone numbers were on the National Do Not Call Registry; and (c) transmitting inaccurate caller ID numbers and names with their telemarketing calls.” The defendants are permanently banned from making telemarketing robocalls, and have been levied judgments totaling $7.8 million, all but $2,500 of which has been suspended due to the defendants’ inability to pay.
Also on January 10, the FTC filed a complaint in the U.S. District Court for the Middle District of Florida against the remaining six defendants allegedly involved in the telemarketing operation, for violations of the FTC Act and TSR based on the same actions alleged against the settling defendants.
On January 14, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced it was imposing sanctions on a North Korean trading corporation and a China-based North Korean lodging facility for facilitating North Korea’s practice of sending laborers abroad. According to OFAC, North Korea’s continued practice of exporting North Koreans as illicit laborers is an ongoing attempt to undermine and evade United Nations Security Council Resolutions. The designated companies’ exportation of workers on behalf of the country, OFAC stated, has generated revenue for the North Korean government or the Workers’ Party of Korea. As a result of the sanctions, “all property and interests in property of these targets that are in the United States or in the possession or control of U.S. persons must be blocked and reported to OFAC.” OFAC noted that its regulations “generally prohibit” U.S. persons from participating in transactions with the designated persons, and warned foreign financial institutions that if they knowingly facilitate significant transactions for any of the designated individuals, they may be subject to U.S. secondary sanctions.
On January 13, Washington state lawmakers announced two bills designed to strengthen consumer access and control over personal data and regulate the use of facial recognition technology. Highlights of SB 6281, the Washington Privacy Act, include the following:
- Applicability. SB 6281 will apply to legal entities that conduct business or produce products or services that are targeted to Washington consumers that also (i) control or process personal data for at least 100,000 consumers; or (ii) derive more than 50 percent of gross revenue from the sale of personal data, in addition to processing or controlling the personal data of at least 25,000 consumers. Exempt from SB 6281, among others, are state and local governments, municipal corporations, certain protected health information, personal data governed by state and federal regulations, and employment records.
- Consumer rights. Consumers will be able to exercise the following concerning their personal data: access; correction; deletion; data portability; and opt-out rights, including the right to opt out of the processing of personal data for targeted advertising and the sale of personal data.
- Controller responsibilities. Controllers required to comply with SB 6281 will be responsible for (i) transparency; (ii) limiting the collection of data to what is required and relevant for a specified purpose; (iii) ensuring data is not processed for reasons incompatible with a specified purpose; (iv) securing personal data from unauthorized access; (v) prohibiting processing that violates state or federal laws prohibiting unlawful discrimination against consumers; (vi) obtaining consumer consent in order to process sensitive data; and (vii) ensuring contracts and agreements do not contain provisions that waive or limit a consumer’s rights. Controllers must also conduct data protection assessments for all processing activities that involve personal data, and conduct additional assessments each time a processing change occurs that “materially increases the risk to consumers.”
- State attorney general. SB 6821 does not create a private right of action for individuals to sue if there is an alleged violation. However, the AG will be permitted to bring actions and impose penalties of no more than $7,500 per violation. The AG will also be required to submit a report evaluating the liability and enforcement provisions of SB 6281 by 2022 along with any recommendations for change.
- Information sharing. SB 6281 will allow the state governor to enter into agreements with British Columbia, California, and Oregon, which will allow personal data to be shared for joint research initiatives.
- Facial Recognition. SB 6281 will establish limits on the commercial use of facial recognition services. Among other things, the bill will require third-party testing on all services prior to deployment for accuracy and unfair performance, conspicuous notice when a service is deployed in a public space, and will require companies to receive consumer consent prior to enrolling an image in a service used in a public space.
The second bill, SB 6280, will more specifically govern the use of facial recognition services by state and local government agencies, and, among other things, outlines provisions for the use of facial recognition services when identifying victims of crime, stipulates restrictions concerning ongoing surveillance, and requires agencies to produce an annual report containing a compliance assessment.
As previously covered by InfoBytes, last year, New York introduced proposed legislation (see S 5642) that seeks to regulate the storage, use, disclosure, and sale of consumer personal data by entities that conduct business in New York state or produce products or services that are intentionally targeted to residents of New York state. Provisions included in the measures introduced by New York and Washington state differ from those contained in the California Consumer Privacy Act (CCPA), which took effect January 1. (Previous InfoBytes coverage on the CCPA is available here.)
On January 13, the New Jersey governor signed S 2998, which amends the state’s collateral protection insurance (CPI) disclosure requirements. The amendments provide that when CPI is required and provided by the creditor, the creditor must disclose to the consumer debtors that they will be responsible for interest on the CPI cost “at the same rate that is applied pursuant to [the debtor’s] credit agreement.” The creditor must also provide a “good faith estimate” of what the CPI coverage will cost the debtor. Additionally, the creditor must instruct the debtors how to provide evidence of the required insurance, so that in those instances where the debtor obtains CPI, the creditor-purchased CPI can be cancelled and the costs and interest fees can be recovered. The amendments take effect on April 12.
On December 26, the CFPB denied a petition by a student loan relief company to modify or set aside a civil investigative demand (CID) issued by the Bureau last October. According to the company’s petition, the CID requested information as part of an investigation into the company’s promotion of student loan debt relief programs. As previously covered by InfoBytes, stipulated orders were entered against the company by the FTC and the Minnesota attorney general for violations of TILA and the assisting and facilitating provision of the Telemarketing Sales Rule, which resulted in the company being permanently banned from engaging in transactions involving debt relief products and services or making misrepresentations regarding financial products and services. In its petition, the company argued that the CFPB’s requests were duplicative of the FTC’s earlier investigation. The company also argued that the documents and materials sought in the CID were overly burdensome and the time frame to respond was too short. Furthermore, the company stated that until the U.S. Supreme Court issues a decision in Seila Law v. CFPB on whether the Bureau’s structure violates the Constitution’s separation of powers under Article II, the CID should either be withdrawn or stayed because of the uncertainty surrounding the Bureau’s ability to proceed with enforcement actions.
The Bureau denied the petition, arguing that “the administrative CID petition process is not the proper forum for raising and deciding constitutional challenges to provisions of the Bureau’s statute.” The Bureau also noted that the company failed to show that it engaged with Bureau staff on ways to alleviate undue burden, such as proposing modifications to the substance of the requests, and that even though the Bureau proposed an extension to the CID deadline, the company did not seek such an extension.
On January 13, fifteen Democratic Senators, led by Senators Catherine Cortez Masto (D-NV) and Sherrod Brown (D-OH) sent a letter to the Inspector General of the Federal Reserve Board calling for an investigation into the CFPB’s restitution penalties levied against companies accused of wrongdoing. The Senators claim that the Bureau’s restitution approach “creates a perverse incentive for companies to violate the law by allowing them to retain all or nearly all of the funds they illegally obtain from consumers.” The letter asks the Inspector General to investigate four recent settlements to examine how the Bureau determines restitution awards and whether the applied standard for restitution differs from the standard applied by courts and in prior CFPB settlements.
Included among the examples of actions for which consumers were provided limited to zero restitution is a recent settlement with a debt collector accused of engaging in improper debt collection tactics. As previously covered by InfoBytes, the company agreed to pay $36,878 in redress to harmed consumers, limiting the restitution to “only those consumers who affirmatively ‘complained about a false threat or misrepresentation’” by the company, the Senators wrote. Specifically, the Senators seek to determine the number of consumers who may have been excluded from the settlement because they did not affirmatively complain about the company’s behavior. A second example highlights an action taken against a group of payday lenders that allegedly, among other things, misrepresented to consumers an obligation to repay loan amounts that were voided because the loan violated state licensing or usury laws. (Previously covered by InfoBytes here.) According to the Senators, the settlement “dropped the requests for restitution and other relief for victimized consumers.” The letter also references a report released last October by the House Financial Services Committee (covered by InfoBytes here) following an investigation into these particular settlements, in which the Bureau responded “that it did not seek restitution in these cases because it could not determine ‘with certainty’ which consumers had been harmed or the amount of the harm.”
- Andrew W. Schilling to moderate "Expectations of in-house counsel from their law firm partners" at the ACI's 7th Annual Advanced Forum on False Claims and Qui Tam
- Sasha Leonhardt to discuss "Cybersecurity basics for compliance staff" at a NAFCU webinar
- Buckley Webcast: Tips for navigating changes to the FHA recertification process
- Daniel P. Stipano to discuss "A 20/20 view on 2020’s legislative and regulatory outlook" at the ACAMS Anti-Financial Crime and Public Policy Conference
- Kari K. Hall and Michelle L. Rogers to discuss "Overdrafts and regulatory trends" at the CLE Alabama Banking Law Update
- Kathryn L. Ryan to discuss "Industry open forum session on NMLS usage" at the NMLS Annual Conference & Training
- Kathryn L. Ryan to discuss "Regulating innovative consumer lending products" at the NMLS Annual Conference & Training
- Daniel P. Stipano to moderate "Washington update" at the 17th Puerto Rican Symposium of Anti Money Laundering 2020 conference
- Melissa Klimkiewicz to discuss "Private flood insurance updates" at the MBA's Servicing Solutions Conference & Expo 2020
- APPROVED Checkpoint Webcast: CFL overview
- Daniel P. Stipano to discuss "Pathway of the SARs: Tracking trajectories of suspicious activity reports from alerts to prosecution" at the ACAMS moneylaundering.com 25th Annual International AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Which bud’s for you? A deep-dive into evolving marijuana laws" at the ACAMS moneylaundering.com 25th Annual International AML & Financial Crime Conference