Subscribe to our InfoBytes Blog weekly newsletter for news affecting the financial services industry.
On March 21, Federal Trade Commission (FTC) Acting Chairman Maureen K. Ohlhausen and Commissioner Terrell McSweeny testified before the Senate Committee on Commerce, Science, and Transportation’s Subcommittee on Consumer Protection, Product Safety, and Data Security to describe the agency’s law enforcement work to combat fraud. The testimony noted that in the past year, the agency obtained judgments of more than $11.9 billion to consumers “harmed by deceptive and unfair business practices” and received more than three million consumer complaints. Commissioner Terrell McSweeny noted that the “top three categories of complaints were debt collection, impostor frauds, and identity theft,” and that for the first time “imposter scam complaints . . . surpassed the number of identity theft complaints.” FTC Acting Chairman Maureen K. Ohlhausen also presented testimony and emphasized two populations in particular—military consumers and small businesses—both of whom are attractive targets for fraudsters, and for whom the agency actively works with to provide fraud recognition tools to prevent future victims. Also discussed at the hearing was the creation of the Office of Technology Research and Investigation to help the agency “keep abreast of technology changes affecting consumers” as well as the agency’s fraud prevention and education outreach initiatives that impact “tens of millions of people and businesses each year.”
On March 17, the Office of the Comptroller of the Currency (OCC) released a list of administrative enforcement actions taken against banks and bank officers in February. Several of the reported actions included payment of civil money penalties (CMPs) for, among other things, violations of the Federal Trade Commission Act, Bank Secrecy Act (BSA) deficiencies, and unsafe or unsound practices by institution-affiliated parties for breaches of fiduciary duty. Among the actions containing CMPs a Tennessee bank fined $1 million for deficiencies related to billing practices with regard to an identity protection product consumers paid for but never received, and a California bank fined $1 million for continuous non-compliance with a 2010 Consent Order for BSA deficiencies including “inadequate risk assessment process[es], inadequate system of internal controls, inadequate suspicious activity monitoring and reporting process[es], inadequate customer due diligence and enhanced due diligence programs, ” as well as having a “BSA/AML independent audit [that] failed to identify . . . significant internal control weaknesses.”
Department of Education Withdraws Student Loan Guidance; Bipartisan Legislation Introduced to Require APR Disclosure on Federal Student Loans
On March 16, the U.S. Department of Education (Department) Acting Assistant Secretary Lynn B. Mahaffie notified relevant agencies that the Department is withdrawing statements of policy and guidance regarding repayment agreements and liability for collection costs on Federal Family Education Loan Program (FFELP) loans as previously stated in its July 10, 2015 Dear Colleague Letter (DCL) GEN 15-14. GEN 15-14 barred a "guaranty agency from charging collection costs to a defaulted borrower who (i) responds within 60 days to the initial notice sent by the guaranty agency after it pays a default claim and acquires the loan from the lender; (ii) enters into a repayment agreement, including a rehabilitation agreement; and (iii) honors that agreement.” The Department emphasized that the "position set forth in the DCL would have benefited from public input on the issues discussed in the DCL,” and as a result, the Department has withdrawn the DCL and will not require compliance without the opportunity for the public to provide comments.
Earlier in the month, Representatives Randy Hultgren (R-IL), Luke Messer (R-IN), and David Scott (D-GA) reintroduced the Transparency in Student Lending Act (H.R. 1283)—bipartisan legislation requiring the disclosure of the annual percentage rate on federal loans issued by the Department of Education. In 2008 the Truth in Lending Act disclosure requirements were applied to private loans, but not to federal student loans—an omission that does a “gross disservice” to borrowers according to Hultgren. “The Department of Education is the largest consumer lender in the United States, and should provide the most transparent and helpful information to borrowers. Helping borrowers understand their debt obligations is an important first step to ensuring they are able to make their payments, and also helps prevent taxpayers from being on the hook for delinquent borrowers,” noted Hultgren.
On March 21, member agencies of the Federal Financial Institutions Examination Council (FFIEC) announced the release of their Joint Report to Congress: Economic Growth and Regulatory Paperwork Reduction Act (the Report), which details their review of rules affecting financial institutions and the effect of regulations on smaller institutions. The review—required by the Economic Growth and Regulatory Paperwork Reduction Act to be conducted at least once every ten years—included the participation of the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency, the Federal Deposit Insurance Corporation, and the National Credit Union Administration, and included the consideration of more than 230 written and 130 oral comments from financial institutions, trade associations, and consumer and community groups, as well as numerous comments obtained at outreach meetings.
The members of the FFIEC described several joint initiatives, including actions taken to:
- Simplify regulatory capital rules for community banks and savings associations;
- Streamline reports of condition and income (Call Reports);
- Increase the appraisal threshold for commercial real estate loans; and
- Expand the number of institutions eligible for less frequent examination cycles.
In addition, the Report also described actions taken by each agency to “update rules, eliminate unnecessary requirements, and streamline supervisory procedures.”
On March 23, the CFPB ordered a nationwide credit reporting company and its subsidiaries to pay $3 million for allegedly deceiving consumers about how credit scores they marketed and sold were used by lenders. The consent order claims the company developed its own proprietary credit scoring model (PLUS Score), which was used to generate credit scores from information in a consumer’s credit file. The company then allegedly deceptively marketed and sold the “educational” credit score as the same type of score lenders use to make credit decisions, when in fact lenders did not use the scores. Moreover, there were instances of significant discrepancies between the “educational” credit scores that the company sold to consumers and the actual credit scores used by the lenders. The Bureau also alleges the company—up until March 2014—violated the Fair Credit Reporting Act (FCRA) by requiring consumers to view advertisements before they could access their credit reports. Pursuant to the consent order, the company must pay a $3 million civil money penalty, truthfully inform consumers about the nature of the credit scores it sells, and develop and implement an effective compliance management system to ensure its advertising practices comply with federal consumer laws. As previously reported in InfoBytes, earlier this year the CFPB issued consent orders against two different nationwide credit reporting companies for similar allegations.
Federal District Court Allows Discovery in Class Action Concerning Internet Company’s Collection of Biometric Data
In a Memorandum Opinion and Order handed down on February 27,a District Court in the Northern District of Illinois declined to dismiss a putative class action alleging that a cloud-based photographic storage service offered by an Internet company (the Company) violated the Illinois Biometric Information Privacy Act (BIPA) by automatically uploading plaintiffs’ mobile photos and allegedly scanning them to create unique face templates (or “faceprints”) for subsequent photo-tagging without consent. Specifically, the Court rejected the Company’s argument that application of BIPA to facial geometry scanning by by an internet service located outside of Illinois is an improper extraterritorial application of Illinois law.
The Plaintiffs alleged that the Company failed to both (i) obtain the necessary authorization or consent to the creation and subsequent storing of “faceprints” by the photo storage service, or (ii) make publicly available a data retention and destruction schedule as required under the BIPA. In responding to these claims, the Company argued that the term “biometric identifier,” as defined in the BIPA, does not extend to “in-person scans of facial geometry” and does not cover photographs or information derived from photographs. The Company also sought to dismiss the case on jurisdictional grounds, arguing that under principles of federalism, pre-emption, and the extra-jurisdictional application of state law, the BIPA cannot properly regulate activity – such as the storage of data on the Company’s servers – that does not occur “primarily and substantially” within the state of Illinois.
In analyzing the Company’s argument, the Court looked to the following two definitions set forth in the Illinois law:
- “Biometric identifier,” which is defined as “a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry” and explicitly “do[es] not include writing samples, written signatures, photographs. . . .”; and
- “Biometric information,” which is defined as “any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual,” and explicitly “does not include information derived from items or procedures excluded under the definition of biometric identifiers.”
Ultimately, the Court disagreed with the Company’s reading of “biometric data” because, among other reasons, “nothing in the text of [the BIPA] directly supports this interpretation.” The Court deferred deciding on the Company’s arguments that the claims would require extraterritorial application of the statute and/or would violate the Dormant Commerce Clause by reaching beyond state boundaries, because, among other reasons, “[d]iscovery is needed to determine whether there are legitimate extraterritoriality concerns.”
On March 9, the Company filed a motion seeking permission to file an interlocutory appeal to the Seventh Circuit, with a request for a stay of further proceedings pending the appellate court’s decision on the request for an appeal.
On March 15, the Office of Inspector General for the Board of Governors for the Federal Reserve Board and Consumer Financial Protection Bureau (OIG) issued its findings in the evaluation report titled The CFPB Can Strengthen Its Controls for Identifying and Avoiding Conflicts of Interest Related to Vendor Activities (the Report), stemming from an evaluation of the risk of potential conflicts of interest when using vendors to support fair lending compliance and enforcement analysis. The Report covers the time period of June 2012 through January 2016. To assist the CFPB’s Office of Fair Lending and Equal Opportunity’s fair lending oversight function, the Bureau contracted with vendors to “conduct statistical analysis designed to assess an institution’s compliance with fair lending laws and to serve as an expert witness when needed.” The function of the evaluation was to assess whether the Bureau effectively identified and avoided the risk of potential conflicts of interest for vendors supporting this type of work. Notably, while the OIG concluded that the Bureau’s relationship with one vendor heightened the risk of possible conflicts of interest and increased the need for timelier vendor disclosures and communications—a vendor took nearly two years to disclose a relationship with a firm included on a CFPB task order but later confirmed no work was performed—no actual conflicts of interest were found in its evaluation. The OIG presented the following recommendations:
- Ensure vendors comply with existing documentation requirements;
- Clarify roles and responsibilities; and
- Improve the facilitation of vendor disclosure of potential conflicts or receive affirmation that conflicts do not exist at the start of every task order.
Furthermore, the OIG recommended evaluating the costs and benefits of performing more fair lending analysis internally, which may effectively mitigate such risks
Representative Tom Emmer (R-Minn) has reintroduced the Financial Stability Oversight Council Reform Act (H.R. 1459), which is intended to increase oversight, transparency, and accountability by subjecting the Financial Stability Oversight Council (FSOC) and the Office of Financial Research (OFR) to the regular congressional appropriations process. The proposed legislation—which has been referred to the Committee on Financial Services—would also provide for certain quarterly reporting requirements for the OFR, including an “annual work plan” subject to public notice and comment.
On March 20, the CFPB issued a request for comment on its plan for assessing the effectiveness of its May 2013 final rule governing consumer remittance transfers. According to a March 17 blog post on the CFPB’s website, the self-assessment—which is required under Section 1022(d) of the Dodd-Frank Act—will focus on, among other things: (i) “whether the market for remittances has evolved . . . in ways that promote access, efficiency, and limited market disruption”; and (ii) whether the Remittance Rule (and other CFPB regulatory activity) has “brought more information, transparency, and greater predictability of prices to the market.” In describing the approach it planned to take in conducting its evaluation, the CFPB explained that it would seek to “compare consumer outcomes to a baseline that would exist if the Remittance Rule’s requirements were not in effect.” Comments on the plan will be due 60 days following the notice’s publication in the Federal Register.
House Financial Institutions and Consumer Credit Subcommittee Hearing Examines Decline in New Bank/Credit Union Charter Applications
In an afternoon hearing on March 21 entitled “Ending the De Novo Drought: Examining the Application Process for De Novo Financial Institutions,” Members of the House Financial Services Financial Institutions and Consumer Credit Subcommittee met to examine the impact that the Dodd-Frank Act has had on the creation of new or “de novo” financial institutions. According to a majority staff memorandum released in advance of the hearing, the number of new, or “de novo,” bank and credit union charters has declined to historic lows since the passage of the Dodd-Frank Act. From 2010 to 2016, there were only five new bank and 16 new credit union charters granted. In comparison, between 2000 and 2008, 1,341 new banks and 75 new credit unions were chartered.
Three of the witnesses – each of whom appeared on behalf of a banking industry group – generally agreed that the Dodd-Frank Act has, to some extent, had a “chilling impact” on the creation of new banks:
- Kenneth L. Burgess, speaking on behalf of the American Bankers Association noted, among other things, that “in the five years since Dodd-Frank was enacted, the pace of lending was half of what it was several years before the financial crisis. Some banks have stopped offering certain products altogether, such as mortgage and other consumer loans.”
- Keith Stone, representing the National Association of Federally-Insured Credit Unions, noted that “[t]he compliance requirements in a post-Dodd-Frank environment have grown to a tipping point where it is nearly impossible for many smaller institutions to survive, much less start from scratch.”
- Patrick J. Kennedy, Jr., appearing on behalf of the Subchapter S Bank Association, noted that “[m]any banks exited the mortgage loan business because of the complexity and uncertainty resulting from Dodd Frank, the CFPB and related rulemaking.”
The fourth witness, Sarah Edelman, offered an alternative explanation for the decline in new bank applications to the FDIC. Ms. Edelman—who is currently the director of housing finance at the Center for American Progress—testified as to her belief that the “decline” in “[t]he number of new bank applications to the FDIC . . . is largely the result of macroeconomic factors, including, historically low interest rates reducing the profitability of new banks, as well as investors being able to purchase failing banks at a discount following the financial crisis.”
In December of last year, the FDIC released a handbook entitled Applying for Deposit Insurance – A Handbook for Organizers of De Novo Institutions, which provides an overview of the business considerations and statutory requirements that de novo organizers face as they work to establish a new depository institution and offers guidance for navigating the phases of establishing an insured institution. Rather than establish new policy or offer guidance, the Handbook instead “seeks to address the informational needs of organizers, as well as feedback from organizers and other interested parties during recent industry outreach events.” Comments were due February 20. Additional resources are available through an FDIC website dedicated to applications for deposit insurance.