InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
SEC Reaches Non-Prosecution Agreements for Bribes of Chinese Officials; DOJ Declines to Pursue FCPA Enforcement Actions
On June 7, the SEC announced it had entered into non-prosecution agreements with two unrelated companies in connection with bribes paid to Chinese officials by foreign subsidiaries. First, a Massachusetts-based internet services provider agreed to pay $652,000 in disgorgement and $19,433 in interest. According to its agreement, the company’s foreign subsidiary had paid bribes to induce Chinese government-owned entities to purchase more services than they needed. Second, a Rhode Island-based residential and commercial building products manufacturer agreed to pay $291,000 in disgorgement and $30,000 in interest. According to that agreement, the company’s subsidiary made improper payments and gifts to Chinese officials in exchange for preferential treatment, relaxed regulatory oversight, and reduced customs duties, taxes, and fees. The agreements each stipulate that the companies are not charged with violations of the FCPA and will not pay any additional monetary penalties.
In support of the agreements, the SEC noted that both companies promptly self-reported the conduct and cooperated extensively with the ensuing investigations. Kara Brockmeyer, Chief of the SEC Enforcement Division’s FCPA Unit, praised the companies for “promptly tighten[ing] their internal controls after discovering the bribes and [taking] swift remedial measures to eliminate the problems.”
Also on June 7, each company released letters from the DOJ declining to pursue enforcement actions against the companies. The letters are the first public declinations issued by the DOJ under its FCPA Pilot Program announced in April 2016. The one-year Pilot Program is designed to encourage companies to voluntarily self-report potential FCPA-related misconduct and cooperate with federal investigations. DOJ declined to pursue enforcement actions based on several factors, including that the companies identified the misconduct themselves, promptly self-disclosed the misconduct, thoroughly investigated the misconduct, enhanced their compliance programs and internal accounting controls, terminated the employees responsible for the misconduct, disgorged any ill-gotten gains, fully cooperated with the federal investigations, and agreed to cooperate with any future investigations.
SEC Settles with New York Financial Firm and Employee Over Alleged Failure to Protect Customer Data
On June 8, the SEC announced that a New York-based financial services firm agreed to pay a $1 million civil monetary penalty to resolve allegations that it violated the “Safeguards Rule,” Rule 30(a) of Regulation S-P (17 C.F.R. § 248.30(a)). According to the SEC, the firm “failed to ensure the reasonable design and proper operation of its policies and procedures in safeguarding confidential customer data.” The SEC further contends that the firm failed to audit or test the authorization models that allowed employees to access the portals hosting customer data. The financial services firm settled the charges without admitting or denying the SEC’s findings. As of result of the company’s alleged failures, between 2011 and 2014, a then-current employee of the firm gained access to and copied data regarding approximately 730,000 customer accounts to his personal server. The SEC alleges that the employee’s personal server was hacked, and portions of the misappropriated data were posted to at least three Internet sites, with an offer to sell more of the stolen data in exchange for payment in digital currency. Per the employee’s separate consent order, the employee agreed to an industry and penny stock bar with the right to apply for reentry after five years. He was previously criminally convicted for his actions and received 36 months of probation and $600,000 in restitution.
California AG Harris Continues Fight Against For-Profit Schools Allegedly Defrauding Consumers
On June 2, California AG Kamala Harris sent a letter to the U.S. Department of Education requesting that it revoke the Accrediting Council for Independent Colleges and Schools’ (ACICS) status as a recognized accreditor of for-profit schools. In the letter, AG Harris cited to state and federal enforcement actions taken against Corinthian Colleges, Inc. (Corinthian) – a non-profit school accredited by ACICS – for engaging in allegedly predatory and deceptive marketing practices. According to AG Harris, “ACICS failed to uphold their commitment ‘to the importance of a quality education experience for all students’ when they continued to accredit Corinthian campuses in the face of regulatory and enforcement actions.” AG Harris joins 13 other state Attorneys General in opposition to ACICS’s application for renewal as an accreditor. In a letter submitted to the Department of Education in April of this year, those 13 other state Attorneys General discussed similar alleged failings by ACICS in their respective states.
AG Harris’s recent letter comes after a February 25, 2016 statement requesting that the Department of Education revise its proposed regulations relating to debt relief for students affected by for-profit schools’ allegedly deceitful practices, and also follows the AG’s $1.1 billion judgment against Corinthian.
South Carolina Passes AML Act to Regulate Money Transmitters
On June 2, the South Carolina Legislature unanimously passed House Bill 4554, the South Carolina Anti-Money Laundering Act. The Act is intended to “provide regulation and oversight of the money transmission services business most commonly used by organized criminal enterprise to launder the monetary proceeds of illegal activities, and to provide definitions, exclusions, procedures, and penalties.” Among other things, the Act outlines licensure requirements for persons engaging in the business of money transmission and/or currency exchange. Pursuant to the Act, the South Carolina AG (or Commissioner) “may conduct an annual examination of a licensee or of any of the licensee’s authorized delegates [(as defined by the Act)] on a forty-five day notice in a record to the licensee.” In addition, the Act delegates to the Commissioner the authority to suspend or review a license or order a licensee to revoke the designation of an authorized delegate. The Act will take effect either one year after it is signed by the Governor or upon publication in the State Register of final regulations implementing the Act, whichever occurs later.
Special Alert: CFPB's Proposed Rule Regarding Payday, Title, and Certain Other Installment Loans
On June 2, 2016, the CFPB published its proposed rule (the “Proposed Rule”) addressing payday loans, vehicle title loans, and certain other installment loans (collectively “covered loans”). This alert summarizes the Proposed Rule and compares the Proposed Rule to the CFPB’s March 26, 2015 outline released pursuant to the Small Business Regulatory Enforcement Fairness Act (SBREFA). Those wishing to comment on the Proposed Rule must do so by September 14, 2016.
Summary of the Proposed Rule
The Proposed Rule is issued pursuant to the CFPB’s authority under section 1031 of the Dodd-Frank Act to identify and prevent unfair, deceptive, or abusive acts or practices. It defines two types of covered loans: (1) “short-term” loans that have terms of 45 days or less; and (2) “longer-term” loans with terms of more than 45 days that have a “total cost of credit” exceeding 36% and either a “leveraged payment mechanism” or a security interest in the consumer’s vehicle. A “leveraged payment mechanism” includes a right for the lender to initiate transfers from the consumer’s account and certain other payment mechanisms. The Proposed Rule would exclude (i) credit extended for the sole and express purpose of financing a consumer’s initial purchase of a good when the credit is secured by the property being purchased; (ii) credit secured by any real property or by personal property used or expected to be used as a dwelling; (iii) credit cards; (iv) student loans; (v) non-recourse pawn loans; and (vi) overdraft services and lines of credit.
The Proposed Rule would make it an abusive and unfair practice for a lender to make a covered short-term or longer-term loan without determining upfront that the consumer will have the ability to repay the loan (the “full-payment test”). For both types of covered loans, the Proposed Rule would require a lender to determine whether the consumer can afford the full amount of each payment of a covered loan when due and still meet basic living expenses and major financial obligations. As a practical matter, the full-payment test imposes restrictions on rollovers, loan sequences, and refinancing by preventing the offering of short-term loans fewer than 30 days after payoff without a showing that the borrower’s financial situation is materially improved (and capping successive short-term loans at 3 before requiring a 30-day cooling off period), and preventing the refinancing of longer-term loans without a showing that payments would be smaller or would lower the total cost of credit. The Proposed Rule also would provide conditional exemptions for certain covered loans meeting specified criteria, as discussed further below. These conditional exemptions essentially provide alternative compliance options to the Proposed Rule’s full-payment test. Additionally, the Proposed Rule would require lenders to use and furnish information to registered information systems established to track covered loans.
Click here to view the full Special Alert.
* * *
Questions regarding the matters discussed in this Alert may be directed to any of our lawyers listed below, or to any other BuckleySandler attorney with whom you have consulted in the past.
- John P. Kromer, (202) 349-8040
- Walter E. Zalenski, (202) 461-2910
- Marshall T. Bell, (202) 461-2997
CFPB Announces Consumer Advisory Board Meeting
On June 9, the CFPB will hold its next Consumer Advisory Board meeting in Little Rock, AR. According to the meeting’s agenda, the Board will discuss (i) an auto lending education initiative; (ii) trends and themes; and (iii) payday lending. Director Cordray and Assistant Director for Regulations Kelly Cochran are among the CFPB personnel who are scheduled to speak at the meeting. The event is open to the public.
FTC to Host Fourth Start with Security Event
On June 15, the FTC will host its fourth Start with Security event in Chicago, Illinois. Featuring agency representatives Todd Kossow, Maureen Ohlhausen, Cora Han, Jim Trilling, Steve Wernikoff, and Andrea Arias, as well as security experts from various industries, the Start with Security event is intended to provide companies with tips for implementing effective data security. The event will host the following four panels: (i) Building a Security Culture; (ii) Integrating Security into the Development Pipeline; (iii) Considering Security when Working with Third Parties; and (iv) Recognizing and Addressing Network Security Challenges. A full day event, the panels “will address how companies can create and prioritize a culture of security, how to integrate security into the development pipeline, what security issues to consider when a company works with third parties, and how to recognize and address network security challenges.”
As recently noted in its 2015 Annual Highlights report, the FTC’s Start with Security efforts, including its June 2015 Guide for Business, are part of the agency’s education outreach programs designed to promote good data security practices within businesses.
FDIC Settles with Financial Institutions to End RMBS Claims
On June 2, the FDIC announced a settlement with eight financial institutions to resolve federal and state securities law claims based on the institutions’ residential mortgage-backed securities (RMBS) practices. As the receiver for five failed banks from November 2011 through August 2012, the FDIC filed six lawsuits for alleged violations of federal and state securities laws. Specifically, according to the FDIC, the eight financial institutions made misrepresentations in offering documents in connection with the sale of 21 RMBS to the five failed banks. The $190 million in settlement funds will be distributed among the receiverships for the five failed banks.
SEC Charges Brokerage Firm with AML Failures
On June 1, the SEC announced that a Wall Street-based brokerage firm agreed to pay a $300,000 penalty to settle charges that it failed to sufficiently evaluate or monitor customers’ trading for suspicious activity and to file suspicious activity reports (SARs) in an alleged willful violation of Section 17(a) of the Exchange Act and Rule 17a-8. The broker-dealer was required to have written AML policies and procedures, which outlined specific examples of suspicious activities that, according to the SEC, “should have triggered internal reviews and, in a number of instances, [(SAR)] filings.” According to the SEC, the broker-dealer failed to file SARs on the following activity: (i) accounts that traded an aberrational percentage of a given stock in a particular day; (ii) accounts of entities that had executives charged with criminal securities fraud; (iii) customer trading that was the subject of grand jury subpoenas and regulatory inquiries; (iv) liquidation of securities followed immediately by large cash transfers; (v) transactions in securities that were subsequently subject to SEC trading suspensions; and (vi) rejections by other broker-dealers of attempts by the firm to transfer customers’ securities. Despite these red flags, the brokerage firm failed to file SARs for more than five years. The case represents the SEC’s first against a firm for solely failing to file SARs.
SEC Names Christopher Hetner Senior Advisor to the Chair for Cybersecurity Policy
On June 2, the SEC named Christopher Hetner Senior Advisor to the Chair for Cybersecurity Policy. In this capacity, Hetner will serve as a senior advisor to Chair Mary Jo White on all policy matters relating to cybersecurity. Having joined the SEC in January 2015, Hetner currently serves as Cybersecurity Lead for the Technology Control Program within the SEC’s Office of Compliance Inspections and Examinations (OCIE), coordinating cybersecurity efforts across OCIE and lending advice on enforcement matters. As Senior Advisor, Hetner “will be responsible for coordinating efforts across the agency to address cybersecurity policy, engaging with external stakeholders, and further enhancing the SEC’s mechanisms for assessing broad-based market risk.”