InfoBytes Blog

CFPB reexamines the effect of NCAP on credit scores and credit performance

On December 10, the CFPB released the latest quarterly consumer credit trends report, which evaluated the extent to which removal of public records from credit reports affects consumer credit scores and credit performance. As previously covered by InfoBytes, the three major U.S. credit reporting agencies began using stricter guidelines when considering consumer public records, such as tax liens and civil judgments, to be included in consumer credit reports as a result of the National Consumer Assistance Plan (NCAP). The NCAP, among other things, imposed restrictions on medical debt reporting and civil public records such as tax liens, civil judgments, and bankruptcies. Observing that the “NCAP public records provision resulted in the removal of all civil judgments and almost half of tax liens from credit reports by the end of July 2017,” this report compared consumer credit scores and credit performance for consumers that had public records removed from their credit report and consumers who did not. According to the report, “there was only a slight increase in credit scores following the NCAP,” and “the NCAP did not seem to have a large effect on the relationship between credit scores and consumers’ credit performance for consumers whose credit report included a lien or judgment compared with consumers whose credit report did not.”

Federal Issues CFPB Consumer Finance Credit Scores Credit Reporting Agency

FTC says British data analytics firm misled consumers about collection of personal information

On December 6, the FTC issued an unanimous opinion against a British consulting and data analytics firm, finding that the firm violated the FTC Act by engaging in “deceptive practices to harvest personal information from tens of millions of [a social media company’s] users.” The information—which was allegedly collected through an application that told users it would not harvest identifiable information—was then used to target potential voters. The opinion also found that the firm engaged in deceptive practices relating to its participation in the EU-U.S. Privacy Shield framework. The opinion follows an administrative complaint issued against the firm in July (previously covered by InfoBytes here). Under the terms of the administrative final order, the firm is prohibited from misrepresenting “the extent to which it protects the privacy and confidentiality of personal information as well as its participation in the EU-U.S. Privacy Shield framework and other similar regulatory or standard-setting organizations,” and it must apply Privacy Shield protections to personal information collected during its participation in the program or return or delete the information. Among other things, the firm also must delete or destroy the personal information collected from consumers through the app, as well as any other information or work product that originated from the information.

Federal Issues FTC Act Enforcement Privacy/Cyber Risk & Data Security UDAP Deceptive

Connecticut Supreme Court reverses in favor of consumer in unfair trade practices appeal

On November 26, the Connecticut Supreme Court reversed a trial court’s ruling on a mortgage servicer’s motion to dismiss a Connecticut Unfair Trade Practices Act (CUTPA) action brought by a consumer. The trial court had ruled in favor of the servicer, stating, among other things, that ruling in the consumer’s favor might dissuade servicers from engaging in loan modifications for fear of negligence claims and additional liability. According to the Connecticut Supreme Court opinion, the consumer defaulted on his mortgage and his servicer instituted foreclosure proceedings, at which time the consumer requested a loan modification under the HAMP program. The complaint claims that over the next five years, the servicer mishandled the loan modification process, failed to respond to the consumer’s inquiries about the modification status, and repeatedly requested applications and additional documents from the consumer.

Based on the facts stated in the complaint, the consumer claims that when the servicer finally extended a HAMP modification (which capitalized accrued but unpaid interest, default fees, and the servicer’s attorney fees), the consumer filed a complaint against the servicer for violation of CUTPA, alleging that the servicer “committed unfair or deceptive acts in the conduct of trade or commerce by failing to exercise reasonable diligence in reviewing and processing the [consumer’s] loan modification applications.” Additionally, the consumer alleged negligence, claiming that the servicer “owed the [consumer] a duty of care arising out of the servicing standards imposed by RESPA, the 2011 federal consent order, the national mortgage settlement, and the Connecticut foreclosure mediation statutes.”

The Connecticut Supreme Court reversed the lower court’s ruling striking the consumer’s CUTPA claim on a motion to strike (similar to a federal motion to dismiss), stating that, “viewed in the light most favorable to sustaining the complaint’s legal sufficiency, we agree with the [consumer] and conclude that these allegations describe conduct that was not merely a technical violation of these provisions or negligent or incompetent, but involved a conscious, systematic departure from known, standard business norms” and that the allegations, if true, could show that the servicer “deliberately engage[d] in a pattern of conduct intended to prevent” the consumer from getting a loan modification. However, the court agreed with the lower court regarding the negligence claim, rejecting the consumer’s claim that the servicer had a common-law duty “to use reasonable care in the review and processing of” his loan modification application.

Courts Appellate State Issues HAMP Mortgage Servicing

Special Alert: OCC and FDIC issue CRA modernization proposal

Federal Issues OCC FDIC Federal Reserve CRA Special Alerts

10th Circuit affirms $5 million disgorgement in Kokesh

On December 6, the U.S. Court of Appeals for the Tenth Circuit affirmed a district court’s revised disgorgement order in SEC v. Kokesh. As previously covered by InfoBytes, in 2017, the U.S. Supreme Court handed down a unanimous ruling in Kokesh and rejected the SEC’s position that disgorgement is an equitable remedy and not a penalty. The Court’s decision limited the SEC’s disgorgement power to a five-year statute of limitations period applicable to penalties and fines under 28 U.S.C. § 2462. Following the Court’s ruling, in 2018, the 10th Circuit, on remand, directed the district court to enter an order for a lower disgorgement amount of $5 million (from nearly $35 million), holding that only a portion of the SEC’s claims were not time-barred by 28 U.S.C. § 2462. At the district court, the SEC also argued that prejudgment interest of more than $2.6 million should apply to the disgorgement penalty, as well as nearly $2.3 million in civil penalties, and the district court awarded such amounts, rejecting Kokesh’s argument that “the district court should reject any relief other than an order of disgorgement.” Kokesh again appealed, arguing, among other things, that “§ 2462 is jurisdictional and precludes this action in its entirety,” and that the permanent injunction and civil penalties were invalid.

On appeal, the 10th Circuit refused to address Kokesh’s jurisdictional argument, stating that, among other things, the appellate court had previously found that “each act of misappropriation should be considered separately” and that not all of the SEC’s claims were time-barred. The appellate court further concluded that because it had previously found that some alleged misappropriations happened within the five-year limit, the $5 million disgorgement calculation that the SEC requested was warranted. Moreover, the appellate court noted that Kokesh failed to show any reason that its 2018 decision was “clearly erroneous,” and during remand, “rather than. . .contesting timeliness or the SEC’s calculations, Kokesh conceded the district court should enter the disgorgement order and instead focused on the SEC’s new request for prejudgment interest.” Additionally, the appellate court refused to consider Kokesh’s challenges to the permanent injunction and the civil penalty ordered because they were first raised in Kokesh’s reply brief.

Courts Appellate Tenth Circuit U.S. Supreme Court SEC Disgorgement

Senate holds hearing on privacy law proposals

On December 4, the Senate Commerce Committee held a hearing titled “Examining Legislative Proposals to Protect Consumer Data Privacy” to discuss how to “provide consumers with more security, transparency, choice, and control over personal information both online and offline.” Among the issues discussed at the hearing was how consumer privacy rights should be enforced. As previously covered by InfoBytes, some FTC commissioners, at a hearing earlier this year, expressed that authorization to enforce federal privacy laws should vest not only in the FTC, but also in the states’ attorneys general. At the Senate hearing, there was testimony suggesting that the FTC is spread too thin to be in charge of enforcing new privacy laws. At least one witness championed state privacy regulation, while other witnesses endorsed preemption of the state laws by the envisioned federal privacy law. Although different views were expressed regarding what the law should look like, the hearing participants generally seemed to agree that a federal privacy law may be needed now in light of recent state legislative agendas and, as one Senator raised, the growing use of artificial intelligence.

Federal Issues Privacy/Cyber Risk & Data Security FTC U.S. Senate Hearing Preemption Enforcement

OFAC announces sanctions against Russia-based organization for malware attacks on financial institutions

On December 5, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order 13694 against a Russia-based cybercriminal organization for allegedly developing and distributing malware that infected financial institutions and resulted in more than $100 million in theft. OFAC’s action targets 17 individuals and seven entities and is “intended to disrupt the massive phishing campaigns orchestrated by [the organization],” Treasury Secretary Steven T. Mnuchin stated. According to OFAC, the organization used the malware to infect computers and harvest login credentials from roughly 300 banks and financial institutions in over 40 countries, resulting in millions of dollars of damage to U.S. and international financial institutions and their customers. As a result of the sanctions, all property and interests in property of these persons subject to U.S. jurisdiction are blocked, along with “any entities 50 percent or more owned by one or more designated persons.” OFAC noted that its regulations “generally prohibit” U.S. persons from participating in transactions with designated persons, and warned that “foreign persons may be subject to secondary sanctions for knowingly facilitating a significant transaction or transactions with these designated persons.”

In a concurrent action announced the same day, the DOJ unsealed criminal charges—including those related to international computer hacking and bank fraud schemes—against two of the organization’s members. In addition, Treasury’s Financial Crimes Enforcement Network and the Cybersecurity and Infrastructure Security Agency released a report providing a technical analysis of the malware and related variants, emphasizing that because the malware continues to target the financial services sector, financial institutions should review and incorporate the report’s techniques, tactics, and procedures into existing network defense capabilities and planning.

Financial Crimes OFAC Of Interest to Non-US Persons Sanctions Russia DOJ FinCEN

Michigan approves temporary authority to act as a licensed mortgage loan originator

On December 4, the Michigan governor signed HB 5084, which, among other things, includes provisions granting temporary authority for certain mortgage loan originators (MLOs) to originate loans in the state without a state license. Specifically, HB 5084 provides that, in order to be eligible for temporary authority to operate, the individual must be employed by an entity that is licensed or registered under applicable state laws and meets the following additional criteria: has no previous MLO application denials or MLO license suspensions or revocations in any state; has not been subject to, or served with, a cease and desist order in any state; has not been convicted of, or pled guilty or no contest to, a disqualifying crime; has submitted the required application and fee and meets the applicable surety bond requirement; was registered in the NMLS as a loan originator during the one-year period immediately preceding the date on which the applicant submitted the required information; and has not been subject to a prohibition order pertaining to any of the financial licensing acts. Individuals who were licensed as mortgage loan originators in another state the individual is eligible for temporary authority to act as a mortgage loan originator if the individual meets the criteria above and was licensed in another state during the 30 days immediately prior to submitting the required application information in Michigan. 

Beginning November 24, HB 5084 permits qualifying MLO applicants to have temporary authority to act as a mortgage loan originator while their applications are pending for licensure for up to 120 days, or upon the withdrawal, denial, notice of intent to deny, or approval of the licensing application, whichever is sooner.

Licensing State Legislation State Issues Mortgage Origination

HUD increases FHA loan limits for 2020

On December 3, HUD announced the maximum FHA loan limits for 2020, issuing Mortgagee Letter 19-19 for FHA-insured forward mortgage case numbers and Mortgagee Letter 19-20 for FHA-insured Home Equity Conversion Mortgage (HECM) case numbers. The general one-unit property limits “floor” increased to $331,760, and the “ceiling” increased to $765,600, while the HECM claim amount also increased to $765,600, effective January 1, 2020.

Agency Rule-Making & Guidance FHA HUD HECM Mortgages Reverse Mortgages

TRO issued against VoIP service provider in card interest reduction scam

On December 5, the FTC and the Ohio attorney general announced that the U.S. District Court for the Western District of Texas issued a temporary restraining order (TRO) against a VoIP service provider and its foreign counterpart for facilitating (or consciously avoiding knowing of) a “phony” credit card interest rate reduction scheme committed by one of its client companies at the center of a joint FTC/Ohio AG action. As previously covered by InfoBytes, the original complaint alleged that a group of individuals and companies—working in concert and claiming they could reduce interest rates on credit cards—had violated the FTC Act, the Telemarketing Sales Rule, and various Ohio consumer protection laws. In addition to obtaining a TRO against the most recent alleged participants, the FTC and Ohio AG amended their July complaint to add the telecom companies as defendants alleging the companies “played a key role in robocalling consumers to promote a credit card interest reductions scheme.”

Federal Issues FTC State Attorney General Consumer Finance Robocalls Credit Cards TRO Courts FTC Act Telemarketing Sales Rule