InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
U.S. Attorney General Lynch: "More Determined Than Ever to Vigorously Enforce the Fair Housing Act"
On September 2, U.S. Attorney General Loretta Lynch delivered remarks at HUD’s Fair Housing Policy Conference. In her remarks, Lynch stressed the importance of fair housing as being a primary driver “to access to employment, to education, to credit, to transportation, to safety and to a whole range of institutions and opportunities.” Lynch stated that she is “more determined than ever to vigorously enforce the Fair Housing Act (FHA).” Among other things, Lynch provided an overview on how the DOJ is implementing new programs, technology, and research to conduct electronic testing, allowing the DOJ to expand the reach of its Fair Housing Testing Program. The Attorney General also expressed her support of HUD’s recently issued “Affirmatively Furthering Fair Housing” rule, and signaled that the DOJ intends to “vigorously enforce” the FHA using every available tool, including the disparate impact theory, which the Supreme Court ruled recently as a valid enforcement tool to challenge unfair mortgage lending practices.
National Labor Relations Board Determines Parties May Submit E-Signatures to Support a Show of Interest
In a September 1 memorandum, the National Labor Relations Board’s (NLRB) general counsel, Robert Griffin, issued guidance for accepting electronic signatures in support of a showing of interest, per the NLRB’s December 15, 2014 final rule that became effective on April 14, 2015. In its final rule, the NLRB concluded that its regulations were “sufficient to permit the use of electronic signatures” to support a showing of interest and called on Griffin to determine the standards for when and how electronic signatures should be accepted. Ultimately, Griffin determined that “the evidentiary standards that the Board has traditionally applied to handwritten signatures apply equally to electronic signatures and that it is practicable to accept electronic signatures in support of a showing of interest.” Current requirements for a support of showing of interest using handwritten signatures do not require the employee to provide personal contact information; however, the requirements Griffin outlined in the memorandum “are more stringent than what is currently required for non-electronic signatures,” including the prerequisite that an employee provide personal contact information when submitting electronic signatures. In accordance with Congress’s intention that the NLRB, and other Federal Agencies, “accept and use electronic forms and signatures, when practicable,” the NLRB will now accept electronic signatures along with handwritten signatures, effective immediately.
Ninth Circuit Rules Against Title Insurer in Long-Running RESPA Litigation
On August 24, the Ninth Circuit held that a title insurer’s equity investments in title agencies in exchange for agreements that the agencies would refer customers to the insurer violated the anti-kickback provisions of the Real Estate Settlement Procedures Act (RESPA). Edwards v. First Am. Corp., 2015 WL 4999329 (9th Cir. Aug. 24, 2015). In this long-running case (covered in InfoBytes here, here, here, and here), borrowers filed a putative class-action lawsuit against the title insurer claiming violations of Section 8 of RESPA, which prohibits payments for the referral of settlement service business. In prior phases of the litigation, courts declined to certify the class, and the U.S. Supreme Court eventually granted certiorari but declined to rule on the merits of the litigation. In this appeal, the plaintiff-borrowers asked the Ninth Circuit to review the district court’s most recent denial of class certification, and the CFPB filed an amicus brief in the appeal as well. The Ninth Circuit affirmed the denial of the certification, finding that common issues did not predominate over individual issues for the proposed class. The court further stated that, while RESPA exempts payments for “goods,” “facilities,” and “services” from Section 8’s prohibition on referral fees, the title insurer’s equity investments in the title agencies were not payments for “goods,” “facilities,” or “services.” Further, the court found that RESPA’s exemption from Section 8 available to affiliated business arrangements did not apply because no compensable services were performed by the title agencies in exchange for the payments and the title insurer did not receive any payments from the title agencies as a return on its ownership interests.
District Court Finds that Texts Sent Via Mobile App Not Subject to TCPA Due to Users' "Affirmative Choices" to Send Messages
On August 24, a California district court ruled in favor of a rewards-based app company, rejecting plaintiffs’ arguments that the company violated the Telephone Consumer Protection Act (TCPA). Huricks v. Shopkick, Inc., No. c-14-2464-mmc (N.D. Cal. Aug. 24, 2015). In Huricks, plaintiffs brought a putative class action, arguing that the company’s mobile app sent spam text messages with links to the company’s website to mobile phones without consumers’ consent in violation of the TCPA and a derivative claim under the California Business and Professions Code. In rejecting plaintiffs’ claims and granting summary judgment on all counts, the court relied on a recent FCC Order where the FCC ruled, among other matters, that a company was not the maker or initiator of invitational text messages subject to the TCPA’s requirements when users of the app make a series of “affirmative choices” in order for the text messages to be sent. The court ruled that, even though the company controlled the text message’s content, the company’s evidence established that a user of its app “must [have] proceed[ed] through a multi-step invitation flow within the app” to cause text messages to be sent to the user’s contacts. The court noted that users of the app had to (i) tap a button to invite friends, (ii) choose which contacts to invite, and (iii) choose to send the text message by selecting another button. The court concluded the company was not the initiator of these texts under the TCPA and granted the company’s motion for summary judgment.
Federal Reserve Bank of Boston's Payment Strategies Team Provides Snapshot of Mobile Banking Landscape
On August 17, the Federal Reserve Bank of Boston published a report that outlines the results of a 2014 survey intended to capture “a point-in-time snapshot of mobile banking and payments at [financial institutions]” across five Federal Reserve bank districts. One of the largest U.S. surveys completed on mobile banking and payment services at financial institutions, the collected data mostly came from banks and credit unions – a combined total of more than 600 – with less than $500 million in assets. The survey showed that with the rise of smartphones, consumers are more easily able to use mobile devices for payments, and they demonstrate “growing comfort with mobile and digital wallets as well as willingness to pay with mobile-based solutions.” As competing mobile technologies emerge, such as non-bank technology service providers, the report found the need for financial institutions to “create mobile banking and payment strategies to respond to [the] changing environment” becomes more relevant. The report highlighted that roughly 75 percent of the financial institutions surveyed offer the following mobile services, with a majority of the remaining 25 percent planning to offer them by 2016: (i) checking balances; (ii) transferring funds between a single owner’s account; (iii) viewing statements and transaction history; (iv) ATM / branch locator; and (v) bill payment. The report further suggested that financial institutions should “keep pace” with the growing mobile banking market and “be proactive and help make the best solutions succeed.”
Russian Nuclear Official Pleads Guilty in FCPA-Related Case
On August 31, the DOJ announced that Vadim Mikerin, the former president of TENAM Corporation and a director of the Pan American Department of JSC Techsnabexport (TENEX), pleaded guilty to conspiracy to commit money laundering in connection with arranging over $2 million in bribes for contracts with the Russian state-owned nuclear energy corporation. TENEX, a subsidiary of Russia’s State Atomic Energy Corporation, is based in Moscow and acts as the sole supplier and exporter of Russian Federation uranium and uranium enrichment services to nuclear power companies worldwide. Mr. Mikerin admitted to conspiring to transfer funds from the United States to offshore accounts with the intent to perpetuate a bribery scheme in violation of the FCPA. These bribes were made to influence the award of contracts to transport down-blended uranium to US nuclear utility providers. As part of Mr. Mikerin’s plea agreement, he agreed to forfeit over $2.1 million he received in bribes. Mr. Mikerin is expected to be sentenced in December, and faces up to five years in prison and a $250,000 fine.
In addition to Mr. Mikerin, two other individuals, Darren Condrey and Boris Rubizhevsky, have pleaded guilty for their respective involvement in the scheme, including conspiracy to violate the FCPA and commit wire fraud, and conspiracy to commit money laundering, respectively.
Former Chief Credit Officer Sentenced to Over Eight Years in Prison for Role in Securities Fraud Scheme
On September 1, Ebrahim Shabudin, the former Chief Credit Officer of a San Francisco-based bank, was sentenced to 97 months in prison for his involvement in a securities fraud scheme stemming from the bank’s 2009 financial collapse. In 2008, the Troubled Asset Relief Program (TARP) gave the bank roughly $298 million in federal funds. The FDIC took over the bank in 2009 and stated that it was “the ninth largest failure since 2007 of a bank insured by the FDIC’s Deposit Insurance Fund.” In 2013, the FDIC estimated that the bank would accrue losses exceeding $1.1 billion; however, with the United States’ economic recovery, the estimated loss dropped to approximately $677 million.
The DOJ charged Shabudin with “conspiring with others within the bank to falsify key bank records as part of a scheme to conceal millions of dollars in losses and falsely inflate the bank’s financial statements.” Shabudin allegedly falsified records filed with the SEC and the FDIC pertaining to the bank’s 2008 third and fourth quarters and year-end earnings per share. On March 25, 2015, Shabudin was found guilty on seven charges: (i) conspiracy to commit securities fraud; (ii) securities fraud; (iii) falsifying corporate books and records; (iv) false statements to accountants; (v) circumventing internal accounting controls; (vi) conspiracy to commit false bank entries; and (vii) false bank entries. In addition to the prison sentence, U.S. District Judge White ordered the former Chief Credit Officer to undergo three years of supervised release and pay $348,000 in restitution. Both the bank’s CFO and Senior Vice President pleaded guilty to similar charges last year and currently await sentencing.
FDIC-Insured Financial Institutions Report Record Second Quarter Earnings
On September 2, the FDIC issued its latest Quarterly Banking Profile. The Profile indicates that community banks and savings institutions reported an aggregate net income of $43 billion in the second quarter of 2015, the highest quarterly income on record. The FDIC attributed this rise in second quarter income to steady loan growth at most institutions along with a sharp increase in community bank earnings as compared to the second quarter of 2014. In a statement, FDIC Chairman Martin Gruenberg provided a mixed assessment surrounding the second quarter results of FDIC-insured institutions. Specifically, Gruenberg noted, “the industry experienced a continuation of positive trends observed over recent quarters. Revenue and income growth was broad-based, asset quality improved, loan balances increased, there were fewer problem banks, and only one bank failed during the quarter. However, the banking industry continues to face challenges. Revenue growth has lagged behind asset growth, as exceptionally low interest rates put downward pressure on net interest margins.”
California Governor Signs Executive Order Aimed At Strengthening Cybersecurity Strategy
On August 31, California Governor Edmund G. Brown signed Executive Order B-34-15. A response to recent cyber-attacks, this order is intended to bolster the state’s preparedness, to improve inter-agency, cross-sector coordination, and to reduce the likelihood and severity of such attacks. Specifically, the order establishes the California Cybersecurity Integration Center (Cal-CSIC) and explains that the Cal-CSIC “will work closely with the California State Threat Assessment System and the U.S. Department of Homeland Security and will facilitate more integrated information sharing and communication with local, state and federal agencies, tribal governments, utilities and other service providers, academic institutions and non-governmental organizations.”
Under the order, the Cal-CSIC will also establish a multi-agency Cyber Incident Response Team, which will be comprised of personnel from agencies, departments, and organizations from the Cal-CSIC. The Response Team will serve as California’s “primary unit to lead cyber threat detection, reporting, and response in coordination with public and private entities across the state.”
Special Alert: Third Circuit Gives FTC Green Light to Continue Enforcing Corporate Data Security
On August 24, the U.S. Court of Appeals for the Third Circuit affirmed the Federal Trade Commission’s authority to hold companies accountable for their data security practices under Section 5 of the FTC Act (15 U.S.C. § 45(a)), which declares unlawful “unfair or deceptive acts or practices in or affecting commerce.” The unanimous ruling found that “deficient cybersecurity,” practices, which “fail to protect consumer data against hackers,” may be found to be “unfair” practices under the Act, subject to FTC enforcement. The FTC had sued Wyndham for allegedly deficient cybersecurity practices that enabled hackers to obtain payment card information from over 619,000 consumers.
In affirming that the FTC has authority under Section 5 to pursue claims of inadequate data security, the Third Circuit explained that a company’s inadequate data security in the face of foreseeable intrusions falls within the plain meaning of “unfair.” The Third Circuit assured Wyndham that this authority does not enable the agency to dictate the type of locks on hotel room doors or the placement of guards on corporate premises. Nor does it have the authority to sue for every perceived deficiency, just as it would not have the authority to sue supermarkets simply for failing to consistently “sweep up banana peels.” However, the court pointed out that it matters how – and how many – consumers are affected by a company’s practice: “were Wyndham a supermarket, leaving so many banana peels all over the place that 619,000 customers fall hardly suggests it should be immune from liability under § 45(a).”
Wyndham had also argued that it lacked fair notice that the FTC had the authority to assess data security practices under Section 5, but the Third Circuit disagreed, pointing out that the FTC has offered specific public guidance on data security over the years, and has filed multiple complaints and consent decrees “raising unfairness claims based on inadequate corporate cybersecurity” that put companies on notice of its enforcement authority in this space.
The Third Circuit provided some guidance of its own on how can companies avoid FTC enforcement actions alleging unfairness in data security practices, stating that “the relevant inquiry here is a cost-benefit analysis . . . that considers a number of relevant factors, including the probability and expected size of reasonably unavoidable harms to consumers given a certain level of cybersecurity and the costs to consumers that would arise from investment in stronger cybersecurity.” The more sensitive consumer data a company collects, the more it must invest in sound data security safeguards.
As a result, companies need to review their data security practices against both the standard enacted by Congress specifically to govern data security in the Gramm-Leach-Bliley Act and the much more general “unfairness” standard found in the FTC Act as well as other federal and state laws.
* * *
Questions regarding the matters discussed in this Alert may be directed to any of our lawyers listed below, or to any other BuckleySandler attorney with whom you have consulted in the past.
- Jeffrey P. Naimon, (202) 349-8030
- Walter E. Zalenski, (202) 461-2910