InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Industry Trade Groups Urge Congress to Pass Legislation to Protect Consumers from Data Breaches
On February 12, seven industry trade associations co-authored a letter to Congress regarding anticipated data breach legislation. The letter urges Congress to protect its constituents from the impact of identity theft and financial fraud resulting from data breaches by (i) considering a national data security and breach standard; (ii) recognizing the existing fraud protection standards (e.g., HIPAA and GLBA) and having them serve as a model for sectors where there are none; and (iii) encouraging shared responsibility between entities, including costs. The letter is the latest effort among the industry to lobby Congress in passing legislation to combat increasing data breaches and fraud.
Special Alert: OCC Guidance Applies Consumer Protection Requirements to Overdraft Lines and Protection Services
UPDATE: On February 20, the OCC announced that it would be removing the “Deposited-Related Consumer Credit” booklet, originally issued on February 11, from its website. The OCC’s February 11 booklet seemingly required banks to change overdraft protection services, however the agency has since stated that the booklet was not intended to establish new policy. According to the OCC’s website, the agency will “[revise] the booklet to clarify and restate the existing law, rules, and policy.” When the OCC releases its amended version of the booklet, we will update the February 16 Special Alert to reflect the agency’s modifications.
On February 11, 2015, the OCC issued the “Deposit-Related Consumer Credit” booklet of the Comptroller’s Handbook, which replaced the “Check Credit” booklet. The booklet provides updated guidance and examination procedures that the OCC will use to assess a bank’s deposit-related consumer credit (DRCC) products, which include check credit (overdraft lines of credit, cash reserves, and special drafts), overdraft protection services, and deposit advances. In many respects, it tracks the CFPB’s proposed prepaid rule, which would apply the Truth-in-Lending Act and Regulation Z to a broad range of credit features associated with prepaid products.
The OCC sets forth certain supervisory principles that apply to all DRCC products, which appear to meld consumer protection and safety and soundness concerns. These principles require that banks provide substantive consumer protections in connection with certain DRCC products that are not currently required by the applicable consumer protection regulations. Specifically, the supervisory principles include the following:
- Opt-In and Regulation E: Banks should not automatically enroll any customer in DRCC products, and should only enroll customers who affirmatively have so requested. In contrast, the opt-in requirement applies, under Regulation E, only to overdraft services in connection with ATM and one-time debit card transactions.
- Ability to Repay and Regulation Z: Banks should ensure ability to repay for all applicants enrolled in DRCC products, meaning that the associated underwriting practices should analyze the applicant’s income or assets and debt obligations. In contrast, under Regulation Z, this ability-to-pay requirement applies to credit card accounts, not DRCC products like overdraft lines of credit accessed by a debit card or account number or overdraft protection services. If the final CFPB prepaid rules are substantially similar to the proposed rules, then certain credit features associated with prepaid cards will also require compliance with the ability-to-pay rule.
- Fee Limits: Banks must ensure that any fees charged in connection with DRCC products are reasonably related to the program’s costs and associated risks. In contrast, under Regulation Z, the requirement that penalty fees represent a reasonable proportion of the total costs incurred as a result of the violation applies to credit cards, not DRCC products.
The OCC also expects banks to monitor the volume of revenue that DRCC products generate, and to evaluate whether the bank unduly relies on fees generated by a DRCC product. Bank management should also guard against “an over reliance on fee income from any single product.”
In addition, the OCC expects banks to monitor customer behavior and any outlier usage of DRCC products to avoid what the guidance frames as operational, compliance, reputational, and credit risk. For example, the OCC posits that repeated extensions of credit may constitute “loan flipping” and subject the bank to credit risk. Additional supervisory principles address disclosures, program availability and eligibility, consumer usage, credit terms and repayment methods, and credit reporting.
The OCC’s risk management expectations may also have tangible effects on a bank’s current operating practices, including higher capital requirements insofar as DRCC portfolios may have subprime credit characteristics. In this regard, the OCC’s requirement that banks report DRCC products in regulatory reports as loans may also have practical effects on banks.
It is worth noting that, two years ago, the OCC published proposed guidance relating to deposit advance products in the Federal Register, which allowed for public comment and time to prepare for any new compliance and supervisory expectations. The OCC published final guidance in the Federal Register in November 2013 (previously covered here) and OCC Bulletin 2013-40. This time, the OCC has dispensed with the opportunity for public comment and appears to require immediate compliance, notwithstanding that many of the expectations outlined with respect to certain DRCC products are radically new—including for overdraft protection services, as to which the OCC previously stated that “[b]anks generally do not underwrite overdraft protection services on an individual basis when enrolling the consumer.”
* * *
Questions regarding the matters discussed in this Alert may be directed to any of our lawyers listed below, or to any other BuckleySandler attorney with whom you have consulted in the past.
- Valerie L. Hletko, (202) 349-8054
- Andrew W. Grant, (202) 349-8056
CFPB Takes Action Against Mortgage Companies for Deceptive Advertising
On February 12, the CFPB announced a civil suit against a Maryland-based mortgage company and consent orders with two additional mortgage companies headquartered in Utah and California for allegedly misleading consumers with advertisements implying U.S. government approval of their products in violation of the Mortgage Acts and Practices Advertising Rule (MAP Rule or Regulation N) of the Consumer Financial Protection Act (CFPA). In its complaint against the Maryland-based mortgage company, the CFPB alleges that the company’s reverse mortgage advertisements appeared as if they were U.S. government notices. Further, the CFPB claims that the company misrepresented whether monthly payments or repayments could be required and that there was a scheduled expiration date or deadline for the FHA-insured reverse mortgage program. The CFPB is seeking a civil fine and permanent injunction to prevent future violations with respect to the Maryland company. Similarly, the CFPB alleges that the Utah-based mortgage company disseminated direct-mail mortgage loan advertisements that improperly suggested that the lender was, or was affiliated with the FHA or VA, including that the company was “HUD approved” when it was not. The Utah company was ordered to pay a $225,000 civil penalty. In the separate consent order with the California-based mortgage company, the CFPB alleges that the lender’s mailings contained an FHA-approved lending institution logo and a website address that implied the advertisements were from, or affiliated with, the U.S. government, and were therefore deceptive and in violation of the CFPA. The company was ordered to pay an $85,000 civil penalty. In addition to civil penalties, each consent order requires the mortgage companies to submit a compliance plan to the CFPB and comply with specified record keeping, reporting, and compliance monitoring requirements.
CFPB Orders Nonbank Mortgage Lender to Pay $2 Million Penalty for Deceptive Advertising and Kickbacks
On February 10, the CFPB announced a consent order with a Maryland-based nonbank mortgage lender, ordering the lender to pay a $2 million civil money penalty, in part for allegedly failing to disclose its financial relationship with a veteran’s organization to consumers. According to the consent order, the CFPB alleged that the lender, whose primary business is originating refinance mortgage loans guaranteed by the VA, paid a veteran’s organization a fee to be named the “exclusive lender” of the organization and that failing to disclose this relationship in marketing materials targeted to the organization’s members constituted a deceptive act or practice under the Dodd-Frank Act. The CFPB further alleged that, because the veteran’s organization urged its members to use the lender’s products in direct mailings from the lender, call center referrals, and through the organization’s website, the monthly “licensing fee” and “lead generation fees” paid to the veteran’s organization and a third party broker company as part of marketing and referral arrangements constituted illegal kickbacks in violation of RESPA. In addition to the civil penalty, the consent order requires the lender to end any deceptive marketing, cease deceptive endorsement relationships, submit a compliance plan to the CFPB, and comply with additional record keeping, reporting, and compliance monitoring requirements.
CFPB Details Complaints About Reverse Mortgages
On February 9, the CFPB released a report detailing complaints associated with reverse mortgages. According to the report, a high volume of complaints concern requests for changes to loan terms, issues related to loan servicing, and foreclosure activities. The report covers approximately 1,200 complaints received from December 1, 2011 through December 31, 2014. The report also notes that “[s]ince the CFPB began accepting reverse mortgage complaints in December, 2011, HUD has issued more than 10 policy changes to the HECM [Home Equity Conversion Mortgage] program.” One of these policy changes, effective after March 2, 2015, will require lenders to conduct financial assessments of prospective borrowers prior to approving the loan. The change is expected to decrease defaults due to non-payment of real estate taxes and insurance for loans originated after March 2.
White House Unveils New Federal Cybersecurity Agency
On February 10, the White House announced it will establish the Cyber Threat Intelligence Integration Center (CTIIC). In prepared remarks, Lisa Monaco, Assistant to the President for Homeland Security and Counterrorism, revealed that the CTIIC will be responsible for integrating intelligence about cyber threats, providing analysis to policymakers and operators, and support the work of existing Federal government Cyber Centers, network defenders, and local law enforcement agencies. The set-up of the agency will operate under the auspices of the Director of National Intelligence.
DOJ and North Carolina AG Settle First-Ever Federal Discrimination Suit Involving Auto Lending
On February 10, the DOJ, along with the U.S. Attorney’s Office for the Western District of North Carolina and the North Carolina AG, announced the settlement of the federal government’s discrimination suit involving two “buy here, pay here” auto dealerships. According to the DOJ, this is the federal government’s first-ever settlement involving discrimination in auto lending. Filed in January 2014, the settlement resolves a lawsuit alleging that two North Carolina-based auto dealerships violated the federal Equal Credit Opportunity Act by “intentionally targeting African-American customers for unfair and predatory credit practices in the financing of used car purchases.” The North Carolina AG further alleges that the auto dealerships’ lending practices violated the state’s Unfair and Deceptive Trade Practices Act. The terms of the settlement require the two dealerships to revise the terms of their loans and repossession practices to ensure that “reverse redlining” ceases to exist; required amendments include: (i) setting the maximum projected monthly payments to 25% of the borrower’s income; (ii) omitting hidden fees from required down payment; (iii) prohibiting repossession until the borrower has missed at least two consecutive payments; and (iii) providing better-quality disclosure notices at the time of the sale. Also required by the settlement agreement, the two auto dealerships must establish a fund of $225,000 “to compensate victims of their past discriminatory and predatory lending."
DOJ Reaches Agreement With Leading Mortgage Servicers Over Servicemember Foreclosures
On February 9, the DOJ announced a $123 million settlement with five national mortgage servicers for allegedly violating sections of the SCRA. Specifically, the DOJ alleges that the mortgage servicers subjected over 900 service members to unlawful non-judicial foreclosures between January 1, 2006 and April 4, 2012. Under the SCRA portion of the 2012 National Mortgage Settlement, the five mortgage servicers will reimburse millions of dollars to service members who should have been protected from foreclosure, as per Section 533 of the SCRA, which “prohibits non-judicial foreclosures against service members who are in military service or within the applicable post-service period, as long as they originated their mortgages before their period of military service began.” The mortgage servicers are cooperating with the Justice Department to compensate service members affected by the alleged non-judicial foreclosures.
DOJ Settles False Claims Act Allegations Against Pharmaceutical Manufacturer
On February 11, the DOJ announced a $7.9 million settlement with a Delaware-based pharmaceutical manufacturer for allegedly violating the False Claims Act by engaging in a kickback scheme with a pharmacy benefits manager corporation. The pharmaceutical manufacturer denies the DOJ’s allegations that it paid $40 million to a pharmacy benefits manager corporation in exchange for “sole and exclusive” recommendation of a certain drug. According to the two whistleblowers, both former employees for the accused pharmaceutical manufacturer, the accused manufacturer paid the pharmacy benefits manager “through price concessions on [other] drugs.” Under the whistleblower provision of the False Claims Act, the two former employees will receive a combined payment of $1,422,000.
SEC Proposes Hedging Disclosure Rule
On February 9, the SEC issued a proposed rule implementing Section 955 of the Dodd-Frank Act. The rule would require directors, officers, and other employees of public companies to disclose in proxy and information statements whether they use derivatives and other financial instruments to offset or “hedge” against the decline in equity securities granted by the company as compensation, or held, directly or indirectly, by employees or directors. The proposed rule would apply to equity securities of a public company, its parent, subsidiary, or any subsidiary of any parent of the company that is registered with the SEC under Section 12 of the Exchange Act. Public comments will be accepted for 60 days following publication in the Federal Register.