Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On June 27, the FTC and the Florida attorney general filed a complaint against a Florida-based grant funding company and its owner (collectively, “defendants”) alleging that the defendants violated the Consumer Protection Act, the FTC Act, and the Florida Deceptive Unfair Trade Practices Act. According to the complaint, the defendants deceptively marketed grant writing and consulting services to minority-owned small businesses by, among other things, (i) promising grant funding that did not exist and/or was never awarded; (ii) misleading customers about the status of grant awards; and (iii) failing to honor a “money-back guarantee” and suppressing customer complaints. The complaint also alleged that the owner relied on funds that she acquired through the federal Paycheck Protection Program Covid-19 stimulus program to start the company. The U.S. District Court for the Middle District of Florida issued a restraining order with asset freeze, appointment of a temporary receiver, and other equitable relief order against the defendants, which also prohibits them from engaging in grant funding business activities.
On June 24, Fannie Mae and Freddie Mac issued additional guidance related to a coding issue that impacted approximately 12 percent of credit scores earlier this year. As previously covered by InfoBytes, a consumer reporting agency informed lenders and industry members that it experienced a coding issue when it changed some of the technology to its legacy online model platform.
After making a determination that the underlying credit report data errors resulting from the coding issue “are not considered to be material erroneous credit data errors under Selling Guide B3-2-09,” Fannie Mae issued LL-2022-02 to provide requirements applicable specifically to impacted loans. Specifically, lenders are not required to obtain an updated credit report and re-underwrite the impacted loan “by resubmitting the loan to Desktop Underwriter® (DU® )” nor are they required to “re-assess the underwriting decision for non-DU loans, based solely on this issue.” An inaccurate credit score used at the time of underwriting will not render the loan ineligible for purchase, Fannie Mae stated, adding that a “repurchase request will not be issued based solely on this issue.” Guidance related to obtaining corrected credit scores and making data corrections, as well as information concerning loan-level price adjustments, post-closing quality control review, and representation and warranty relief is also provided in the lender letter.
Freddie Mac issued Bulletin 2022-14 to provide similar guidance to sellers about their credit reporting and data correction responsibilities, and stated that it will also “not issue a repurchase based solely on an inaccurate credit score used in the underwriting of a mortgage.”
The guidance is effective immediately.
On June 24, the SEC announced a final rule to require certain documents filed by investment advisers, institutional investment managers, and certain other entities be submitted electronically—a change that is “intended to promote efficiency, transparency, and operational resiliency.” Among other things, the final rule requires the electronic filing or submission of: (i) applications for orders under the Advisers Act on EDGAR; (ii) confidential treatment requests for Form 13F filings on EDGAR; and (iii) Form ADV-NR (through the IARD system).
The SEC also released a Fact Sheet further explaining the final rule and what is required. According to a statement released by SEC Chair Gary Gensler, “these amendments benefit filers, investors, and the SEC” as “it is important for filers to have easy, online methods to submit information to the Commission, and where appropriate for investors to have easy, online access as well.”
Recently, the California Department of Financial Protection and Innovation (DFPI) issued a notice of proposed rulemaking (NPRM) to adopt regulations to implement certain sections of the California Consumer Financial Protection Law (CCFPL) related to commercial financial products and services. (See also text of the proposed regulations here.) As previously covered by a Buckley Special Alert, the CCFPL became law in 2020 and, among other things, (i) establishes UDAAP authority for the DFPI; (ii) authorizes the DFPI to impose penalties of $2,500 for “each act or omission” in violation of the law without a showing that the violation was willful (thus going beyond both Dodd-Frank and existing California law); (iii) provides the DFPI with broad discretion to determine what constitutes a “financial product or service” within the law’s coverage; and (iv) provides that enforcement of the CCFPL will be funded through the fees generated by the new registration process as well as fines, penalties, settlements, or judgments. While the CCFPL exempts certain entities (e.g., banks, credit unions, certain licensees), the law expands the DFPI’s oversight authority to include debt collection, debt settlement, credit repair, check cashing, rent-to-own contracts, retail sales financing, consumer credit reporting, and lead generation.
The NPRM proposes new rules to implement sections 22159, 22800, 22804, 90005, 90009, 90012, and 90015 of the CCFPL related to the offering and provision of commercial financing and other financial products and services to small businesses, nonprofits, and family farms. According to DFPI’s notice, section 22800 subdivision (d) authorizes the Department to define unfair, deceptive, and abusive acts and practices in connection with the offering or provision of commercial financing. Section 90009, subdivision (e), among other things, authorizes the Department’s rulemaking to include data collection and reporting on the provision of commercial financing or other financial products and services.
Among other things, the NPRM:
- Clarifies that the CCFPL makes it unlawful for covered providers, as defined, to engage in unfair, deceptive, or abusive acts or practices;
- Provides standards for determining whether an act or practice is unfair, deceptive, or abusive;
- Defines small business, nonprofit, and family farm, among other terms;
- Clarifies DFPI's ability to enforce the regulation’s provisions;
- Requires covered providers to submit annual reports containing information about their provision of commercial financing or other financial products and services to small businesses, nonprofits, and family farms;
- Identifies persons excluded from the reporting requirement;
- Specifies the information required in the reports, as well as provide guidance on calculating or determining certain information;
- Clarifies the obligations of those also submitting annual reports to DFPI as licensees under the California Financing Law.
Written comments on the NPRM are due by August 8.
On June 23, the U.S. District Court for the Northern District of Illinois granted a defendant’s motion for summary judgment, ruling that dunning emails sent to collect unpaid credit card debt did not violate the FDCPA. The plaintiff received an email from the defendant stating that it was attempting to collect the debt on behalf of the creditor, and that due to the age of her debt, the creditor could not sue her for it. While the email stated that “making a payment on a time-barred debt has the potential to restart the statute of limitations for suit on the debt,” it went on to say that it was the creditor’s policy “never to file suit on a debt after the original statute of limitations has expired” and that it never sells such debt. A few days later, the defendant sent the plaintiff an email attempting to collect a separate debt owed to a different creditor. The plaintiff’s attorney sent a letter informing the defendant that she represented plaintiff and requested that plaintiff not be contacted again. After the plaintiff received a third email from the defendant, she sued alleging the defendant violated Section 1692e by urging her to pay a debt without disclosing that the defendant could not sue or report the debt. She further alleged that the defendant violated the FDCPA by continuing to send communications even after the defendant knew she was represented by an attorney. The plaintiff argued that she suffered an injury—and had standing—because she refrained from making purchases and because the defendant had wasted her time.
The court disagreed, writing that the plaintiff failed to put forth evidence demonstrating some form of financial harm in order to have Article III standing. The court observed that “[o]ne does not suffer a monetary injury by refraining from making a purchase; one still has her money if she refrains from making a purchase. Paying too much for an item constitutes an economic injury but refraining from paying for an item does not. At best, plaintiff’s action might have left her with a feeling of want or desire, but such feelings are not concrete injuries.” Moreover, “[e]ven if plaintiff could be thought to have suffered an injury, her decision to refrain from any particular purchase is not fairly traceable to defendant,” the court wrote. And though the court found standing on her claim related to defendant’s continued contact, the court held that “Section 1692c(a)(2) applies only where the debt collector knows the consumer is represented by an attorney with respect to the specific debt being collected.” The defendant needed to be informed that the attorney was representing the plaintiff on both creditors’ debts for the third email to be a violation of the FDCPA, the court concluded.
On June 21, the U.S. District Court for the Western District of North Carolina granted a defendant’s motion for judgment on the pleadings in an FDCPA case concerning dispute responses over a debt. According to the order, the defendants—who represented a bank—sent a letter to the plaintiff attempting to collect an unpaid credit card debt. The letter included information about the creditor, the outstanding balance, and a validation notice. The plaintiff disputed the debt and requested validation of charges, payments, and credits on the account. The defendants responded with another letter, providing information about the original creditor and the balance of the unpaid debt. The plaintiff then sent another letter to the defendants requesting the original account agreement, all original account level documentation, and a “wet ink signature of the contractual obligation.” The defendants filed a collection suit against the plaintiff. The plaintiff filed suit in response, alleging the collection lawsuit violated the FDCPA and North Carolina state law because it “unjustly” condemned and vilified plaintiff for his non-payment of the alleged debt.
The court found that the “[p]laintiff’s allegations misconstrue the obligations of the debt collector in verifying the debt.” The court also noted that the FDCPA did not require the defendants provide “account level documentation,” stating that “[v]erification only requires a showing that the amount demanded ‘is what the creditor is claiming is owed,’ not conclusive proof of the debt.”
On June 23, the OCC released its Semiannual Risk Perspective for Spring 2022, which reports on key risks threatening the safety and soundness of national banks, federal savings associations, and federal branches and agencies. The OCC reported that as “banks continue to navigate the operational- and market-related impacts of the pandemic along with substantial government stimulus, current geopolitics have tightened financial conditions and increased downside risk to economic growth.” However, the OCC noted that banks’ financial conditions remain strong and that banks are well-positioned to “deal with the economic headwinds arising from geopolitical events, higher interest rates and increased inflation.”
The OCC highlighted operational, compliance, interest rate, and credit risks as key risk themes in the report. Observations include: (i) operational risk, including evolving cyber risk, is elevated, with an observed increase in attacks on the financial services industry given current geopolitical tensions; (ii) compliance risk remains heightened as banks navigate the current operational environment, regulatory changes, and policy initiatives; and (iii) credit risk remains moderate, with banks facing certain areas of weakness and potential longer-term implications resulting from the Covid-19 pandemic, inflation, and direct and indirect effects of the war in Ukraine. Staffing challenges among banks also present risks, with challenges posed by “strong competition” in the labor market.
The report also discussed the importance of appropriate due diligence of new digital asset products and services. The OCC said that it “continues to engage on an interagency basis to analyze various crypto-asset use cases,” and is looking to “provide further clarity on legal permissibility, as well as safety and soundness and compliance considerations related to crypto-assets” in the banking industry.
The OCC further stated it “will continue to monitor the development of climate-related financial risk management frameworks at large banks,” and reported that “OCC large-bank examination teams will integrate the examination of climate-related financial risk into supervision strategies and continue to engage with bank management to better understand the challenges banks face in this effort, including identifying and collecting appropriate data and developing scenario analysis capabilities and techniques.”
On June 23, the FTC issued a notice of proposed rulemaking (NPRM) to ban “junk fees” and “bait-and-switch” advertising tactics related to the sale, financing, and leasing of motor vehicles by dealers. Specifically, the NPRM would prohibit dealers from making deceptive advertising claims to entice prospective car buyers. According to the FTC’s announcement, deceptive claims could “include the cost of a vehicle or the terms of financing, the cost of any add-on products or services, whether financing terms are for a lease, the availability of any discounts or rebates, the actual availability of the vehicles being advertised, and whether a financing deal has been finalized, among other areas.” The NPRM would also (i) prohibit dealers from charging junk fees for “fraudulent add-on products” and services that—according to the FTC—do not benefit the consumer; (ii) require clear, written, and informed consent (including the price of the car without any optional add-ons); and (iii) require dealers to provide full, upfront disclosure of costs and conditions, including the true “offering price” (the full price for a vehicle minus only taxes and government fees), as well as any optional add-on fees and key financing terms. Dealers would also be required to maintain records of advertisements and customer transactions. Comments on the NPRM are due 60 days after publication in the Federal Register.
The FTC noted that in the past 10 years, the Commission has brought more than 50 auto-related enforcement actions and helped lead two nationwide law enforcement sweeps including 181 state-level enforcement actions in this space. Despite these efforts, the FTC reported that automobile-related consumer complaints are among the top ten complaint types submitted to the Commission.
On June 23, the FHA announced FHA INFO 2022-64 to issue the following temporary partial waivers to its Home Equity Conversion Mortgage (HECM) policies for senior homeowners impacted by the Covid-19 pandemic who continue to experience significant financial difficulties. Specifically, the first temporary partial waiver concerns Mortgagee Letter 2015-11. The FHA notes that its waiver “allows mortgagees to offer repayment plans to HECM borrowers with unpaid property charges regardless of their total outstanding arrearage." The second waiver—concerning Mortgagee Letter 2016-07—“permits mortgagees to seek assignment of a HECM immediately after using their own funds to pay property taxes and insurance on or after March 1, 2020, by temporarily eliminating the three-year waiting period for such assignments.” Both waivers are effective through December 31.
On June 24, the FTC announced a final decision and order against two limited liability companies (respondents) accused of allegedly failing to secure consumers’ sensitive personal data and covering up a major breach. As previously covered by InfoBytes, the respondents—former and current owners of an online customized merchandise platform—allegedly violated the FTC Act by, among other things, misrepresenting that they implemented reasonable measures to protect customers’ personal information against unauthorized access and misrepresenting that appropriate steps were taken to secure consumer account information following security breaches. The complaint further alleged that respondents failed to apply readily available protections against well-known threats or adequately respond to security incidents, which resulted in the respondents’ network being breached multiple times. Under the terms of the final settlement, one of the respondents is required to pay $500,000 to victims of the data breaches. The other respondent is required to provide notice to consumers impacted by a 2019 data breach. Among other things, the order prohibits respondents from misrepresenting their privacy and security measures and requires that respondents implement comprehensive information security programs that are assessed by an independent third party.
- Buckley Webcast: State supervision, enforcement, and multistate coordination
- Benjamin W. Hutten to discuss “Latest on AML regulations and impact of economic sanctions” at a Mortgage Bankers Association webinar
- Hank Asbill to discuss “Ethical issues at sentencing” at the 31st Annual National Seminar on Federal Sentencing
- Benjamin W. Hutten to discuss “Fundamentals of financial crime compliance” at the Practicing Law Institute
- Benjamin W. Hutten to discuss “Ongoing CDD: Operational considerations” at NAFCU’s Regulatory Compliance & BSA Seminar