InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Supreme Court rules state courts may hear certain securities class actions brought under federal law
On March 20, the U.S. Supreme Court unanimously affirmed a California state appeals court decision in 2011, which ruled that state courts are permitted to hear certain securities class actions brought under federal law. Justice Kagan delivered the opinion. The decision resolves a question concerning whether the Securities Litigation Uniform Standards Act of 1998 (SLUSA), which made amendments to the Securities Act of 1933 (1933 Act), gave federal courts exclusive jurisdiction over covered class actions alleging only 1933 Act violations. SLUSA “does nothing to deprive state courts of their jurisdiction to decide class actions brought under the 1933 Act,” the Court stated when ruling that SLUSA allowed state courts concurrent jurisdiction over securities claims involving 50 or more plaintiffs. Rather, Section 77p of SLUSA “bars certain securities class actions based on state law,” but it “says nothing, and so does nothing, to deprive state courts of jurisdiction over class actions based on federal law.” And, the Court further opined, “Neither did SLUSA authorize removing such suits from state to federal court.”
Court denies CFPB motion to reconsider, applies new RESPA safe harbor
On March 22, the U.S. District Court for the Western District of Kentucky denied the CFPB’s motion to reconsider an opinion issued in July 2017, which held that a safe harbor provision for affiliated business arrangements under Section 8(c)(4) of RESPA protects a Louisville law firm's relationship with a string of now-closed title insurance agencies (previously covered by InfoBytes here). In denying the request, the court clarified its previous reasoning and found that the transactions did not violate Section 8(a) because the law firm did not give the title insurance agencies a “thing of value,” and even assuming a violation, the safe harbor under Section 8(c)(2)—even though the court previously relied on Section 8(c)(4)—applied. The court relied on the D.C. Circuit’s 2016 interpretation of Section 8(c)(2) in PHH Corporation v. CFPB, which found that payments made in exchange for a service “actually received” is not the same as payments made for referrals and a payment is bona fide if it amounts to “reasonable market value” for the service. In applying the PHH holding to the present facts, the court concluded that the payments consumers made to the title agencies, which were subsequently distributed as profits to corresponding partners, were made in exchange for title insurance that was actually received by the consumer. Moreover, the court noted that there was no evidence that the payments were above market value, and therefore determined they were bona fide. Lastly, the opinion emphasized that the purpose of RESPA is to prevent unnecessary increases in costs of certain settlement services for consumers, and the payments resulting from the relationship between the law firm and the title agencies not only were for services actually received but were not found to increase the cost of those services at settlement.
FTC and New York Attorney General announce orders banning debt collection operations from related activities
On March 22, the New York Attorney General’s office and the FTC announced settlements with the operators of an allegedly abusive debt collection scheme, resolving lawsuits filed in 2015. (See previous InfoBytes coverage here.) According to the FTC, the operators and associated companies allegedly violated the FTC Act, the Fair Debt Collection Practices Act, and New York state laws prohibiting deceptive acts and practices by using abusive language and making false threats that consumers would be arrested or sued in order to collect the supposed debts. The stipulated final orders impose combined judgments of over $48.7 million to be partially suspended upon the surrender of certain assets, including more than $1 million in corporate and individual assets. In addition to barring the operators from the debt collection business and from buying or selling debt, the orders further prohibit them from misrepresenting financial products and services or benefiting from consumers’ personal information collected in connection with the challenged practices.
States enact data breach notification laws; Oregon prohibits fees for security freezes
On March 21, the South Dakota governor signed SB 62, which requires companies that hold consumers’ personal information to (i) notify consumers within 60 days of a data breach; and (ii) notify the state Attorney General if more than 250 consumers are affected. Notice must be provided to consumers either by mail; electronic notice; or, in certain circumstances, substitute notice (e.g., a posting on the company’s website or notification to statewide media). The law gives the state Attorney General the authority to prosecute a failure to disclose a data breach as a deceptive act or practice under South Dakota’s consumer protection laws, which can result in penalties of up to $10,000 a day per violation. A disclosure is not required if notice is given to the state Attorney General and following an “appropriate investigation,” the company determines that the breach “will not likely result in harm to the affected person.” The law is effective July 1.
A similar measure was signed by the Oregon governor on March 16. Effective on or about June 10, Oregon’s SB 1551 mandates that a person or entity that “owns, licenses, or otherwise possesses personal information” that suffered a security breach must notify the affected consumers within 45 days and, if more than 250 consumers were affected, must also notify the state Attorney General. The person or entity must also undertake reasonable measures to “determine scope of breach of security and to restore reasonable integrity, security and confidentiality of personal information.” Additionally, the law sets out guidelines regarding credit monitoring services and security freezes:
- Credit Monitoring Services. Among other things, SB 1551 provides that if a person or entity offers free credit monitoring services to affected consumers, the entity may not require a credit or debit card number as a condition for the service. If additional identity theft services are offered for a fee, the person or entity must “separately, distinctly, clearly and conspicuously” disclose the charging of the fee.
- Security Freezes. SB 1551 prohibits a consumer reporting agency from charging a fee for placing, temporarily lifting, or removing a security freeze. Moreover, it prevents credit reporting agencies from charging fees for replacing a lost personal identification number or password. Recently, Michigan, Utah, Washington, and Virginia enacted similar prohibitions (previously covered by InfoBytes, here, here, and here).
New York Attorney General reaches $230 million settlement for international company’s RMBS misconduct
On March 21, the New York Attorney General announced a $230 million settlement with two divisions of an international financial services company to resolve allegations that the company made misrepresentations in the sale of residential mortgage-backed securities (RMBS) in violation of New York’s Martin Act and Section 63(12) of New York’s Executive Law. According to the settlement agreement, the investigation focused on 15 securitizations sold by the company between 2006 and 2007. In addition to the alleged misrepresentations in each of the securitizations’ prospectus and prospectus supplements, the company also included loans in the sales portfolio that diligence reports flagged for underwriting and valuation issues. The $230 million settlement includes $41 million to New York State and $189 million to consumer relief programs.
CFPB releases RFI on inherited rules, extends comment period for first three RFIs
On March 22, the CFPB released its ninth Request for Information (RFI) in a series seeking feedback on the Bureau’s operations. This RFI solicits public comment to assist the Bureau in deciding “whether it should amend the regulations or exercise the rulemaking authorities that it inherited from certain other Federal agencies.” Specifically, the Bureau is seeking feedback regarding its “Inherited Regulations” – the consumer financial laws that were previously vested in other federal agencies but were transferred to the CFPB assumed by the Dodd-Frank Act. The RFI seeks information related to all aspects of the Inherited Regulations, including (i) whether the Inherited Regulations should be tailored to an institution of a particular size or are incompatible with new technologies; (ii) changes the Bureau could make to the Inherited Regulations to more effectively meet the specific law’s statutory purpose; (iii) changes the Bureau could make to the Inherited Regulations to advance the statutory purposes stated in Section 1021 of the Dodd-Frank Act; (iv) whether the Bureau should introduce pilots, field tests, demonstrations or other activities to better analyze the cost/benefits of potential Inherited Regulations; and (v) where the Bureau could exercise more of its rulemaking authority to better align with the objectives of the applicable consumer financial laws. The RFI is expected to be published in the Federal Register on March 26. Comments will be due 90 days from publication.
On March 19, the CFPB extended the comment period of the first three RFIs released in the series to 90 days (previously covered by InfoBytes here, here, and here). The comment periods were originally set for 60 days after publication in the Federal Register but now the 90-day deadline applies to the following to match those of subsequent issuance:
- Civil Investigative Demands (CIDs) – comments are now due by April 26
- Adjudication Proceedings – comments are now due by May 7
- Enforcement Process – comments are now due by May 14
Financial Stability Board issues letter to G20 Finance Ministers and Central Bank Governors
On March 18, the Financial Stability Board (FSB) released a letter previously sent to G20 Finance Ministers and Central Bank Governors on March 13, which set forth priorities designed to “reinforce the G20’s objective of strong, sustainable and balanced growth.” Among other things, FSB presented its initial assessment that “crypto-assets do not pose risks to global financial stability at this time” due to their “small size” and “limited use for real economy and financial transaction”; however, FSB stressed that this assessment is subject to change should crypto-assets become more widely used or integrated within the regulated financial system. “Crypto-assets raise a host of issues around consumer and investor protection, as well as their use to shield illicit activity and for money laundering and terrorist financing,” the letter stated. “At the same time, the technologies underlying them have the potential to improve the efficiency and inclusiveness of both the financial system and the economy.” The letter also described priority deliverables FSB planned to implement, such as (i) Basel III banking reforms; (ii) policy to de-risk correspondent banking; (iii) a toolkit on governance measures to address misconduct risk; (iv) evaluations of certain financial reforms; and (v) a financial sector cybersecurity lexicon. The FSB also noted that it would continue to shift away from policy development and instead focus on the transparency and efficiency of its existing programs.
Indiana amends financial services legislation, adds allowable charges
On March 13, the Indiana governor signed HB 1397 and SB 377, which make a variety of changes to various Indiana banking, consumer, and financial services laws administered by the state’s Department of Financial Institutions (DFI). Among other things, HB 1397 amends Indiana’s Universal Commercial Credit Code (UCCC) to codify current DFI practice, which allows for additional charges in connection with a consumer credit sale or loan, including charges for a skip-a-payment service ($25 maximum), an expedited payment service ($10 maximum), and a guaranteed asset protection agreement. The legislation also adds electronic funds transfers to the list of return payments that may be assessed a $25 charge. For payday loans, the legislation clarifies that a borrower, during the third consecutive loan or any subsequent consecutive loan, may request an extended payment plan if the rescission period has expired and the borrower has not previously defaulted on the outstanding loan. Indiana’s SB 377 allows for the director of DFI to use certain technology solutions to oversee compliance with and enforce state laws associated with the regulation of payday loans.
Both pieces of legislation are effective July 1.
FTC challenges virtual currency “chain referral schemes”—creates new working group
On March 16, the FTC announced that a U.S. District Court for the Southern District of Florida granted a temporary restraining order against four individuals who allegedly promoted cryptocurrency “chain referral schemes” in violation of the FTC Act. According to the complaint, the defendants falsely promised that by paying a small sum in virtual currency to enroll, such as bitcoin or Litecoin, the participant could earn significant returns. Three of the defendants promoted schemes that claimed participants could turn $100 into $80,000 in monthly income based on recruiting additional participants, when in actuality most of the participants failed to recoup their initial investments. Additionally, the fourth defendant promoted another scheme, which promised virtual currency investors a fixed rate of return on bitcoin investments in a passive investment operation and a multilevel investment program which participants would receive a commission for recruiting more investors. The scheme allegedly ended within two months of opening and many investors failed to recover the initial investments.
On the same day, the FTC announced a new FTC Blockchain Working Group, which will (i) “build on FTC staff expertise in cryptocurrency and blockchain technology through resource sharing and by hosting outside experts”; (ii) “facilitate internal communication and external coordination on enforcement actions and other related projects”; and (iii) “serve as an internal forum for brainstorming potential impacts on the FTC’s dual missions and how to address those impacts.” The announcement highlighted the properties of cryptocurrencies that make the payment form susceptible to scammers, including the fact that it can be transferred electronically without requiring validation from a trusted third party source.
FTC reaches $45.5 million settlement with companies over illegal telemarketing calls
On March 16, the FTC and three Utah-based movie companies (defendants) agreed to a proposed stipulated final order settling charges that they violated the FTC Act and the Telemarketing Sales Rule (TSR). In 2011, the DOJ filed a complaint on behalf of the FTC, which alleged defendants engaged in abusive telemarketing practices by making more than 117 million deceptive and unlawful calls to consumers to pitch movies and induce DVD sales in violation of the TSR, including 99 million calls to numbers on the Do Not Call Registry. In 2016, a federal court jury found the defendants guilty of six TSR violations and collectively responsible for the more than 117 million unlawful calls alleged in the complaint. The jury additionally found that the defendants had “actual or implied knowledge of the TSR violations,” meaning that the court was allowed to assess civil penalties under the FTC Act. According to the FTC’s press release, this was the first-ever jury verdict in an action to enforce the TSR and DNC Registry rules.
The proposed stipulated final order bans the defendants from engaging in the alleged misconduct, orders the defendants to train and monitor its solicitors to ensure compliance with the TSR, and imposes a $45.5 million civil money penalty, of which $487,735 is suspended unless it is determined that the financial statements defendants submitted to the FTC contain any inaccuracies.