InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OIG Recommends CFPB Improve Enforcement Data Security
On May 15, the Office of Inspector General for the Consumer Financial Protection Bureau issued findings in a report entitled The CFPB Can Improve Its Practices to Safeguard the Office of Enforcement’s Confidential Investigative Information (the Report), stemming from an evaluation to determine whether the Bureau has effective controls to manage and safeguard access to Confidential Investigative Information (CII). The Report found that the Bureau’s practices could be improved. According to the findings, the Bureau’s Office of Enforcement (Office) allowed 113 unique users to have access to databases in which there was CII—which may include personally identifiable information—about companies that were subject to reviews by enforcement staff. Of those 113 users, 72 were still employed by the CFPB but did not have a need for access to that information, the report said.
Specifically, the OIG determined users continued to have access to at least one electronic application when it was no longer relevant to the performance of the users’ assigned duties. The OIG also cited instances of improper handling and safeguarding of sensitive information and inconsistent naming conventions for matters across its four electronic applications and two internal drives, which impeded the Office’s ability to verify, maintain, and terminate access to files. The OIG noted in the report that during its assessment the Office took several steps to correct these issues.
The OIG presented the following recommendations: (i) enhance practices for managing access rights to matter folders; (ii) improve the handling of printed sensitive information; and (iii)establish a standard naming convention for electronically stored information.
Senators Reintroduce Truth in Settlements Act to Increase Transparency of Agency Settlements
On May 17, Senators Elizabeth Warren (D-Mass.) and James Lankford (R-Okla.) reintroduced a bipartisan bill entitled the Truth in Settlements Act of 2017 (S. 1145) to increase the transparency of major settlements reached by federal enforcement agencies. The bill—which was referred to the Committee on Homeland Security and Governmental Affairs—seeks to inform the public and hold federal regulators accountable for the true value of these settlements by requiring more accessible, detailed disclosures and “adequate information regarding the tax treatment of payments” made by companies and individuals under settlements with federal agencies. As previously covered in InfoBytes, the bill was first introduced in 2014. Sen. Warren commented that “more transparency means Congress, citizens and watchdog groups can better hold regulatory agencies accountable for enforcing laws so that everyone—even corporate CEOs—are equal under the law.” Similarly, Sen. Lankford remarked, “Taxpayers deserve an open and transparent government that is accountable to the American people.”
Notably, the proposed bill would demand more specificity and transparency by requiring federal agencies to post online, in a searchable format, a list of each covered settlement agreement, criminal or civil, with payments totaling $1 million or more. Furthermore, agencies will be required, among other things, to justify confidentiality provisions and explain whether any portion of the settlement amount is potentially tax deductible. The Senators also released a fact sheet detailing past settlements by federal agencies that have allowed tax deductions, offset credits, or designated agreements as confidential.
FDIC Announces Nationwide Seminars for Bank Officers and Employees
On May 18, the FDIC issued FIL-18-2017 announcing that, between June 6, 2017 and December 4, 2017, it will conduct four identical live seminars regarding FDIC deposit insurance coverage for bank employees and bank officers. The seminars will include an overview of popular topics such as (i) the Electronic Deposit Insurance Estimator—an interactive tool used to calculate deposit insurance coverage; (ii) the BankFind Directory, which allows users to confirm if a bank is FDIC-insured; and (iii) the Financial Institution Employee’s Guide to Deposit Insurance developed to help bankers provide detailed information about deposit insurance coverage to their depositors. In addition to the live seminars, the FDIC posted to its YouTube channel three separate seminars, entitled (i) Fundamentals of Deposit Insurance Coverage; (ii) Deposit Insurance Coverage for Revocable Trust Accounts; and (iii) Advanced Topics in Deposit Insurance Coverage. Both the live seminars and the YouTube seminars will provide bank employees and officers with an understanding of how to calculate deposit insurance coverage. Bankers interested in attending the seminars should visit the FDIC’s website.
Acting FTC Chairman Ohlhausen Welcomes New FCC Approach to Internet Openness
On May 18, Acting FTC Chairman Maureen Ohlhausen issued a statement on the FCC’s publication of a Notice of Proposed Rulemaking (NPRM) to “reinstate a light-touch regulatory approach protecting Internet openness.” The Notice proposes the following actions: (i) returning to the framework under Title I of the Communications Act instead of following Title II regulatory guidance; (ii) classifying mobile broadband Internet access service as “private mobile service”; and (iii) eliminating Title II’s “vague and expansive” Internet conduct standard, thus eliminating regulatory uncertainty. “I welcome the adoption of this NPRM as further progress toward restoring the FTC’s ability to protect broadband subscribers from unfair and deceptive practices, including violations of their privacy. Those consumer protections were an unfortunate casualty of the FCC’s 2015 decision to subject broadband to utility-style regulation. This new proceeding offers an opportunity to undo that decision and thereby return broadband consumers to the expert protection of the FTC,” stated Chairman Ohlhausen.
CFTC Announces Initiative for Fintechs
On May 17, the U.S. Commodity Futures Trading Commission (CFTC) announced an initiative called “LabCFTC” designed to engage innovators in the financial technology industry and “promot[e] responsible [fintech] innovation to improve the quality, resiliency, and competitiveness of the markets the CFTC oversees.” Located in New York, LabCFTC will address the regulatory challenges of increasingly automated trading and foster a regulatory environment more receptive to emerging fintech companies. The initiative will consist of two major components:
- GuidePoint will offer opportunities for fintech companies to engage with the CFTC on how to implement innovative technology into existing regulatory framework and navigate the regulatory process.
- CFTC 2.0 will initiate the adoption of emerging technologies in order to improve the CFTC's effectiveness and efficiency.
In prepared remarks issued before the New York FinTech Innovation Lab, CFTC Acting Chairman J. Christopher Giancarlo stated that LabCFTC is “[t]wenty-first century regulation for 21st century digital markets and will help the CFTC cultivate a regulatory culture of forward thinking . . . , become more accessible to emerging technology innovators . . . , discover ways to harness and benefit from [fintech] innovation . . ., and become more responsive to our rapidly changing markets.”
National Fair Housing Alliance Settles Lending Discrimination Claims Brought Against National Bank
On May 19, the National Fair Housing Alliance (NFHA) announced it had reached an agreement with a major national bank (Bank) related to a housing discrimination complaint the NFHA filed with HUD in 2014. The complainant alleges that NFHA conducted a series of tests over a period of several months revealing a “pattern of discriminatory conduct.” Latino prospective qualified borrowers were often quoted higher monthly payment and closing costs and were denied opportunities to speak with loan officers. The complainants also cited data showing that the number of purchase loan applications received from Latinos had declined over the past few years. While the Bank denied all allegations in the complaint, it agreed to contribute more than $400,000 towards fair housing efforts in South Carolina and nationwide. Separately, the original complaint led to HUD filing charges against the Bank last December on behalf of the NFHA for lending discrimination—citing, in particular, that prospective Latino borrowers were treated less favorably than non-Latinos, in violation of the Fair Housing Act.
U.S. and Saudi Arabia Agree to Enhance Counter Terrorist Financing Capabilities
On May 21, the Treasury Department announced an agreement between the U.S. and Saudi Arabia to establish a Terrorist Financing Targeting Center as a collaborative effort between the two countries and several Persian Gulf nations, including Bahrain, Kuwait, Oman, Qatar and the United Arab Emirates. The new center is intended to (i) enhance information-sharing regarding terrorist financial networks; (ii) coordinate action on sanctions; and (iii) facilitate technical assistance for participating countries that need support developing their counter terrorist programs and provide best practices guidance “in line with Financial Action Task Force standards.” The participants intend to implement the outlined activities immediately.
House Passes Cyber Crime Bill
On May 16, the U.S. House of Representatives officially approved the Strengthening State and Local Cyber Crime Fighting Act of 2017 (H.R. 1616) in a vote of 408-3. The Act would amend the Homeland Security Act of 2012 to formalize the Secret Service’s National Computer Forensic Institute’s (NCFI) responsibilities for coordinating investigations into cyberattacks and hacks and would provide training and tools for state and local agencies dealing with electronic crime related threats. In an April press release issued by the bill’s sponsor, Rep. John Ratcliffe (R-Tex.), Chairman of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection, stated, “The [NCFI] has played a major role in equipping state and local law enforcement officers across the country with the tools they need to address the extra layers of complexity presented by the growing incidences of cybercrime,” Notably, the legislation, which now heads to the Senate, follows the recent international cyberattack that infected computer systems globally with the WannaCry ransomware (see previous InfoBytes coverage here).
City of Philadelphia Sues National Bank for Discriminatory Lending Practices
On May 15, the City of Philadelphia filed a lawsuit against a national bank (Bank) alleging that it violated the Fair Housing Act by engaging in discriminatory lending practices that targeted minority borrowers. (See City of Phila. v. Wells Fargo & Co., Case No. 2:17-cv-02203-LDD, 2017 WL 2060317 (E.D. Pa.).) The complaint alleges that beginning in 2004 and continuing through the present, the Bank engaged in “a continuous and unbroken discriminatory pattern and practice of issuing higher cost or more onerous mortgage loans to minority borrowers” while offering better terms to similarly situated non-minority borrowers. The City’s complaint alleges discrimination under both disparate treatment and disparate impact theories. The City claims that the Bank has a long history of both redlining (the practice of refusing to make loans in minority neighborhoods) and reverse redlining (the practice of targeting higher cost loans or loans with less favorable terms to minority neighborhoods). The complaint further describes a pattern of knowing and intentional discrimination by the Bank, relying on statistical analyses finding, among others, that: (i) a loan for a home in a predominantly minority neighborhood was 4.7 times more likely to go into foreclosure than a loan on a home in a mainly white neighborhood; (ii) African American and Latino borrowers were more than twice as likely to receive a high-cost loan as white borrowers; and (iii) when credit scores were factored in for borrowers with FICO scores of more than 660, African American borrowers were more than 2.5 times more likely than white borrowers to receive a high cost loan, and Latino borrowers more than twice as likely. As a result of the foreclosures and vacant homes, the City says it suffered a suppression of property tax revenue and increased cost of providing services such as police, fire fighting, and other municipal services.
City of Miami Suit. As previously covered in InfoBytes, the Supreme Court recently ruled that municipal plaintiffs may be “aggrieved persons” authorized to bring suit under the Fair Housing Act (FHA) against lenders for injuries allegedly flowing from discriminatory lending practices, although the five-justice majority held that such injuries must be proximately caused by the FHA violations. The Supreme Court returned the City’s lawsuit to the U.S. Court of Appeals for the Eleventh Circuit because, while the Court found that the City’s injuries appeared to be a foreseeable result of the lender’s practices, this was not enough to establish proximate cause. Therefore, it remains to be seen whether the City can show proximate cause.
Fourth Circuit States Violation of FCRA that Fails to Demonstrate a Concrete Injury Not Enough for Standing
On May 11, the U.S. Court of Appeals for the Fourth Circuit issued an opinion vacating a nearly $12 million judgment in a class action brought on behalf of a 69,000 member class, concluding that a credit reporting agency’s decision to list a defunct credit card company—rather than the name of its current servicer—on an individual’s credit report does not, without more, create a sufficient injury under the Fair Credit Reporting Act (FCRA) for purposes of Article III standing. Furthermore, although the lead plaintiff alleged that he suffered a cognizable “informational injury,” in that he was denied the source of the adverse information on the report, the appeals court found that he failed to “demonstrate a concrete injury” as a result of the allegedly incorrect information listed on the credit report. (See Dreher v. Experian Info. Sols., Inc., No. 15-2119, 2017 WL 1948916 (4th Cir. May 11, 2017).)
The 2014 class action complaint against the credit reporting agency was filed by an individual who—when undergoing a background check for a security clearance—received a credit report that listed a delinquent credit card account with a creditor that had transferred the debt to a new servicer that was not listed as a source of information. When servicing the defunct company’s accounts, the new servicer had decided to do business using the creditor’s name, and directed the credit reporting agency to continue to reflect that name on the tradeline appearing for those specific accounts on its credit reports. The plaintiffs asserted that the credit reporting agency “deliberately [withheld] and inaccurately [stated] the identity of the source of reported credit information,” in violation of the FCRA. The credit reporting company sought summary judgment on the claims, arguing that the individual and the class lacked standing under the FCRA. However, the district court ruled in favor of the member class finding that the credit reporting company “committed a willful violation of . . . the [FCRA].”
In vacating the district court’s ruling, the Fourth Circuit opined that under the FCRA, a plaintiff “must have (1) suffered an injury in fact, (2) that is fairly traceable to the challenged conduct of the defendant, and (3) that is likely to be redressed by a favorable judicial decision.” The Fourth Circuit concluded that the individual could not clear the first hurdle. To establish “injury in fact,” the plaintiff must show that he or she suffered an invasion of a legally protected interest that is concrete and particularized. While the plaintiff alleged that the credit reporting agency had violated the FCRA by failing to “clearly and accurately disclose to the consumer . . . [t]he sources of the information [in the consumer’s file at the time of the request],” the Fourth Circuit concluded that the statutory violation alone did not create a concrete informational injury sufficient to support standing. “Rather, a constitutionally cognizable informational injury requires that a person lack access to information to which he is legally entitled and that the denial of that information creates a ‘real’ harm with an adverse effect.” In this instance, “the account had no legitimate effect on the [plaintiff’s] background check process, and [t]hus receiving a creditor’s name rather than a servicer’s name—without hindering the accuracy of the report of efficiency of the credit report resolution process—worked no real world harm.” Instead, the Fourth Circuit categorized the plaintiff’s allegations as chiefly “customer service complaints”—a type of harm unrelated to those Congress sought to prevent when enacting the FCRA.