InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
House Passes Flood Insurance Bill Reforming and Reauthorizing National Flood Insurance Program
On November 14, the House voted 237-189 to pass legislation reforming and reauthorizing the National Flood Insurance Program (NFIP) for five years before it expires next month. As previously covered in InfoBytes, President Trump signed a three-month extension to the NFIP at the beginning of September in order to provide Congress additional time to establish a long-term financial solution for the program. The 21st Century Flood Reform Act (H.R. 2874) is designed to better facilitate compliance and clarify guidance for lenders and borrowers, and will, among other things, (i) change annual limits on premium increases for insurance obtained through the NFIP; (ii) require FEMA to consider the differences in flood risk between coastal and inland flood hazards when establishing premium rates; (iii) require FEMA to clearly communicate to policyholders the full flood risk to, and flood claims history of their property, and the effect of filing any additional claims; (iv) allow private insurers to continue selling policies on behalf of the NFIP, while also being allowed to sell their own private flood coverage; (v) revise federal flood mapping requirements, establish premium rates based on applicable flood insurance rate maps, and revise and clarify aspects of the appeals process; (vi) amend the Biggert-Waters Flood Insurance Reform Act of 2012 to clarify the time periods within which communities may consult with FEMA regarding mapping changes and submit data for consideration by the agency; (vii) revise the Flood Mitigation Assistance program to provide assistance for additional multiple loss properties; and (viii) amend the Flood Disaster Protection Act of 1973 to increase penalties against lenders and GSEs for violations of the mandatory purchase requirement from $2,000 to a maximum of $5,000 per violation.
H.R. 2874 now heads to the Senate.
50-State Class Action Complaint Filed Against Credit Reporting Company in Response to September Data Breach Announcement
On November 10, plaintiffs, and the members of the class and subclasses they seek to represent, filed a complaint in the Northern District of Georgia against a major credit reporting company, consolidating individual suits filed against the company since September in each of the 50 states and the District of Columbia. The plaintiffs allege that the company’s data breach (covered previously in InfoBytes)—in which hackers exploited a website application vulnerability to access names, Social Security numbers, birth dates, addresses, driver’s license numbers, as well as roughly 209,000 credit card numbers—has led to, among other things, identity theft, unauthorized credit and debit card charges, and applications for unauthorized student loans.
The complaint alleges a series of missteps by the company before, during, and after the breach, including: (i) not applying a recommended security patch; (ii) failing to recognize the breach for over three months; (iii) not warning consumers for another month after discovering the breach, thus preventing timely credit freezes or other protection methods; (iv) sending confusing emails and notices to consumers about whose data was compromised and how to protect themselves after the breach; and (v) creating confusion as to whether an arbitration clause included in the terms of service for the company’s credit monitoring website would apply to consumers using the service.
The plaintiffs seek, among other things, class certification; permanent injunctive relief; disgorgement and restitutions of earnings; compensatory, consequential, general, statutory, and punitive damages; declaratory relief; and attorneys’ fees.
Buckley Sandler Special Alert: Cordray to resign as director of CFPB
Richard Cordray said today in an email to the staff of the Consumer Financial Protection Bureau that he will resign as director before the end of November. While it has long been expected that he would seek the Democratic nomination for the governorship of Ohio, he did not specify his plans in the email.
Richard Cordray is the first confirmed Director of the CFPB, which was created by the Dodd-Frank Act in the wake of the financial crisis. Following his recess appointment by President Obama in January 2012, Cordray oversaw an aggressive rulemaking and enforcement agenda, which accelerated following the election of President Trump in November 2016.***
Click here to read full special alert.If you have questions about the announcement or other related issues, please visit our Consumer Financial Protection Bureau practice page, or contact a Buckley Sandler attorney with whom you have worked in the past.
SEC Reaches $3.5 Million Settlement With Broker-Dealer Over Failure to File Suspicious Activity Reports
On November 13, the SEC announced it has reached a settlement in an administrative proceeding against a broker-dealer firm for allegedly willful violations of Section 17(a) of the Securities and Exchange Act, including the firm’s failure to file, or timely file, at least 50 Suspicious Activity Reports (SARs) with the Financial Crime Enforcement Network (FinCEN) from approximately March 2012 through June 2013. As the SEC Order notes, Bank Secrecy Act regulations require a broker-dealer to file a SAR if it knows, suspects or has reason to suspect that a transaction of a certain minimum or aggregated amount involved funds derived from illegal activity or if the transaction was conducted to disguise funds derived from illegal activities. Other factors requiring a broker-dealer to file a SAR include the absence of any business or apparent lawful purpose for the transaction or if the transaction is to facilitate criminal activity.
When deciding whether to accept the firm’s settlement offer, the SEC considered voluntary remedial efforts undertaken by the firm, including the fact that the firm retained a third-party anti-money laundering (AML) compliance company to conduct a review of some of the firm’s SAR investigations. Under the terms of the settlement, the firm voluntarily agreed to, among other things, conduct a review of its AML policies and procedures for the identification, evaluation and reporting of suspicious activity related to firm accounts; and provide additional training to staff responsible for conducting investigations and filing SARs. Additionally, the firm was assessed a civil money penalty of $3.5 million.
OFAC Sanctions Ten Additional Venezuelan Officials Connected to Venezuela’s Electoral Process
On November 9, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against ten current or former officials of the government of Venezuela for “undermining electoral processes, media censorship, or corruption in government-administered food programs in Venezuela.” The designation follows October 15, 2017 state elections in Venezuela, which were “marked by numerous irregularities that strongly suggest fraud helped the ruling party unexpectedly win a majority of governorships.” Under the sanctions, issued pursuant to Executive Order 13692 (see previous InfoBytes coverage here), all assets belonging to the identified individuals subject to U.S. jurisdiction are frozen, and U.S. persons are prohibited from having any dealings with them.
See additional InfoBytes coverage on previously issued Venezuelan sanctions here and here.
CFPB Urges Supreme Court to Reject Tribal Lenders' Petition
On November 9, the CFPB filed a brief with the Supreme Court opposing the petition for a writ of certiorari submitted by online tribal lending entities. The lenders are challenging a January decision by the Ninth Circuit Court of Appeals, which ordered the entities to comply with a CFPB investigation (previously covered by Infobytes). The litigation stems from the issuance of a civil investigative demand (CID) by the CFPB to online lending entities owned by Native American tribes. The entities argue that due to tribal sovereignty, the CFPB does not have jurisdiction over the small-dollar lending services in question. The district court and the Ninth Circuit concluded that the Consumer Financial Protection Act (CFPA) did not expressly exclude tribes from the CFPB’s enforcement authority and therefore, the entities cannot claim tribal sovereign immunity.
In its brief opposing the certiorari petition, the CFPB argues that the Ninth Circuit’s holding does not conflict with any prior Supreme Court or court of appeals decision, making further review unwarranted. The CFPB also argues, among other things, that Supreme Court review is unnecessary because “[t]he question at this juncture is solely whether the Bureau may obtain information from petitioners pursuant to a CID,” not “whether petitioners are subject to the Bureau’s regulatory authority.”
CFPB Publishes Two RFIs Concerning Free Access to Credit Scores
On November 13, the CFPB’s Office of Financial Education (OFE) published two requests for information (RFI) in the Federal Register concerning free access to credit scores. The first RFI requests information related to (i) consumers’ experience when accessing free credit scores, and (ii) the experience of companies and nonprofits when offering free access to credit scores to their customers and the general public. The Bureau plans to use the information gathered through the RFI to, among other things, “identify educational content that is providing the most value to consumers, and additional educational content that the Bureau or others could develop to increase consumers’ understanding of credit scores and credit reports.” Comments must be received by February 12, 2018.
The second RFI requests information on companies that provide existing customers free access to a credit score. This information will be used to update OFE’s March 2017 list of companies that offer this service. (See previous InfoBytes coverage here.) Following its update to the list, the CFPB intends to publish information “to educate consumers about the availability of credit scores and credit reports and how this information can be used effectively.” Comments must be received by January 12, 2018.
DOJ Sues Washington State Company for Alleged SCRA Violations
On November 9, the DOJ filed a complaint in the Western District of Washington against a Washington company for allegedly foreclosing on servicemembers’ homes in violation of the Servicemembers Civil Relief Act (SCRA). According to the DOJ’s complaint, its investigation uncovered at least 28 unlawful non-judicial foreclosures. In addition to a declaration that the company violated the SCRA, the DOJ is seeking monetary damages, a civil penalty, and injunctive relief.
The allegations stem from an investigation the DOJ initiated into the company’s foreclosure practices following the same court’s dismissal of a private SCRA action brought by a veteran on the ground that it was time-barred. Prior to the DOJ initiating the investigation, the veteran appealed the dismissal to the Ninth Circuit Court of Appeals. The DOJ filed an amicus brief in that appeal, arguing that private SCRA suits are governed by the four-year federal catch-all statute of limitations.
FTC Files Complaint Against Debt Collection Business for Alleged Violations of FTC Act, FDCPA
On November 8, the FTC issued a press release announcing charges against a Georgia-based debt collection business for allegedly violating the FTC Act by making false, unsubstantiated, or misleading claims to trick consumers into paying debt they did not actually owe. In the complaint, the FTC alleged defendants threatened legal action, garnishment, and imprisonment if the purported debt was not paid, and in other instances, attempted to collect debts after consumers provided proof the debt was paid off. Additionally, the defendants allegedly violated the Fair Debt Collection Practice Act (FDCPA) by (i) making false, deceptive, or misleading representations, including withholding the true status of the debt, threatening legal action or imprisonment, and failing to disclose they were debt collectors; (ii) engaging in unlawful third-party communications without obtaining prior consumer consent; and (iii) failing to provide consumers written verification of their debt within the required time frame. According to the FTC, defendants have collected more than $3.4 million from consumers since January 2015. A federal judge in the U.S. District Court for the Northern District of Georgia has temporarily restrained and enjoined the defendants’ alleged illegal practices and frozen their assets.
OCC Updates Policies and Procedures to Clarify Impact of CRA Ratings on Licensing Applications
On November 8, the OCC issued Bulletin 2017-51, updating guidance related to its approach when evaluating certain licensing applications from OCC-supervised banks that have “less than satisfactory” Community Reinvestment Act (CRA) ratings, either overall or in one or more particular geographic region. The revised Policies and Procedures Manual (PPM 6300-2) provides clarity on the OCC’s scrutiny of a bank’s CRA performance when an application is submitted to participate in a covered transaction such as (i) establishing or relocating a branch or main or home office; (ii) participating in a Bank Merger Act filing; (iii) converting from a state to a federal charter; and (iv) converting between federal charters. The revisions also allow applicants to document for the OCC how participating in such a transaction would “help the bank to achieve its CRA objectives” and “meet the credit needs of the community it serves, consistent with its safe and sound operation.”