Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events

Filter

Subscribe to our InfoBytes Blog weekly newsletter for news affecting the financial services industry.

  • Directors Plead Guilty in U.K. to Angola Bribe Scheme

    Financial Crimes

    On September 15, a logistics and shipping company, and six of its current and former directors pleaded guilty in the U.K. to charges of conspiracy to pay bribes in Angola. The trial against a seventh man charged in the conspiracy started this week in London. The U.K.’s Serious Fraud Office charged the company and the seven individuals last year with allegedly paying bribes when the company was seeking to obtain freight forwarding services contracts with the Angolan state oil company between January 2005 and December 2006.

    Financial Crimes UK Serious Fraud Office

    Share page with AddThis
  • Brazilian Petrochemical Company Reaches $10 Million Settlement With Investors

    Financial Crimes

    On September 14, a Brazilian petrochemical company, agreed to pay its U.S. investors $10 million for concealing its role in a corruption scandal involving a Brazilian multinational corporation in the petroleum industry. The settlement resolves a 2015 lawsuit brought by U.S. investors against the petrochemical company, which alleged the company had misled investors into believing its operations were legitimate. The settlement follows the December 2016 guilty plea by the company and its affiliated construction firm to violating the Foreign Corrupt Practices Act. Together, the companies agreed to pay $3.5 billion in a combined global settlement with U.S., Brazilian, and Swiss authorities.

    Financial Crimes FCPA Anti-Corruption Braskem SA Petrobras Brazil Switzerland

    Share page with AddThis
  • CFPB Clarifies Remittance Transfer Rule Compliance

    Agency Rule-Making & Guidance

    As previously covered in InfoBytes, the CFPB recently released its summer 2017 Supervisory Highlights (Highlights) outlining its supervisory progress this year. Included among the issues highlighted by the Bureau is its recent activity in the remittance transfer rule (RTR) space under Regulation E. The Highlights indicate that the CFPB intends to continue its focus on RTR compliance at both large and small institutions. Of particular note, the Bureau—for the first time—has provided informal guidance on international mobile top-up products for telephone airtime. Prior to the Highlights, it was unclear to what extent these products were subject to the RTR. The Highlights confirm that the CFPB will take the position that these products fall within the scope of the rule and has action against at least one institution for that institution’s failure to treat international mobile top-ups in excess of $15 as remittance transfers subject to the RTR.

    This edition of the Highlights helps to clear up prior confusion around the industry regarding international mobile top-ups and bill pay products, as discussed in a recent article.

    Agency Rule-Making & Guidance CFPB Remittance Remittance Transfer Rule Regulation E Mobile Top-Ups Compliance

    Share page with AddThis
  • Second Circuit Cites Spokeo, Rules No Standing to Sue for Violation of FACTA

    Courts

    On September 19, the U.S. Court of Appeals for the Second Circuit issued an opinion ruling that a merchant who had printed the first six numbers of a consumer’s credit card on a receipt violated the Fair and Accurate Credit Transactions Act (FACTA), but that because the violation did not cause a concrete injury, the consumer did not have standing to sue the merchant. Under FACTA, merchants are prohibited from including more than the final five digits of a consumer’s credit card number on a receipt. In this instance, the plaintiff filed a complaint in 2014, followed by an amended complaint later that same year, in which he alleged that he twice received printed receipts containing the first six digits of his credit card number, in violation of FACTA. The plaintiff claimed that the risk of identity theft was a sufficient injury to establish standing. The defendants argued that that the first six digits of the credit card account only identified the card issuer and did not reveal any information about the consumer, which did not “raise a material risk of identity theft.” Citing a Supreme Court ruling in Spokeo v. Robins, the district court opined that a procedural violation of a statute is not enough to allow a consumer to sue, because it must be shown that the violation caused, or at least created a material risk of, harm to the consumer—which, in this case, was not present. Accordingly, the appellate court affirmed the district court’s dismissal for lack of subject matter jurisdiction, but found that the district court erred in dismissing the suit with prejudice.

    Courts Litigation FACTA Second Circuit U.S. Supreme Court

    Share page with AddThis
  • House Financial Services Committee Issues Second Interim Report on Bureau’s Role in Fraudulent Accounts Scandal Investigation

    Federal Issues

    On September 19, the Majority Committee Staff of the House Financial Services Committee (Committee) released a second interim report and supporting documents on the investigation of the role the CFPB played in detecting and remedying a major national bank’s practice of opening unauthorized bank accounts. As previously covered in InfoBytes, the first interim report, issued June 6, accused Director Richard Cordray, among other things, of failing to cooperate with the Committee’s “comprehensive investigation.” The second interim report claims the CFPB and Director Cordray failed to comply with the Committee’s repeated requests for documents related to the investigation into the bank’s practices, never conducted its own independent investigation (but, instead, “relied primarily, if not exclusively,” on a third party report), and withheld a crucial Recommendation Memorandum from the Committee for over a year that disclosed analysis of the legal and factual components of the Bureau’s investigation, as well as an evaluation of whether to enter into a settlement. The Committee’s accusations also include claims that Director Cordray allegedly misled Congress about the agency's investigation into the bank’s illegal sales practices and may have “rushed” a settlement with the bank, which resulted in a $100 million fine when it was potentially liable for a statutory civil monetary penalty exceeding $10 billion. Chairman Jeb Hensarling (R-Tex.) said in a press release that “[t]he premature suspension of its investigation means that the CFPB also potentially lost the opportunity to discover recently revealed instances of further consumer harm.”

    Federal Issues CFPB House Financial Services Committee Settlement Enforcement Fraud Investigations

    Share page with AddThis
  • CFPB Files Complaint Against Company that Allegedly Made False Loan Offers

    Consumer Finance

    On September 19, the CFPB announced it had filed a complaint in the U.S. District Court for the Southern District of New York against a New Jersey-based company and two associated individuals (defendants) that allegedly offered loans to consumers who were awaiting payouts from legal settlements or statutory- or victim-compensation funds. According to the complaint, the company engaged in deceptive acts and practices in violation of the Consumer Financial Protection Act by purportedly representing itself as a direct lender, when in actuality it did not provide loans to consumers, but instead brokered transactions while charging a commission for the service. Among other things, the defendants allegedly (i) misrepresented the annual percentage rates (APR) on the advances given to consumers, often representing that interest rates were as small as one to two percent when the actual APR was much higher; (ii) falsely claimed that it had offices in all 50 states and employed a staff of accounting, financial, and legal professionals; and (iii) misled consumers by stating in their marketing materials that consumers could receive loan proceeds within one hour, when the process took longer.

    According to the proposed final judgment and order, which must be approved by the district court, the defendants shall be banned from offering these types of loans or advances to consumers in the future. In addition, the company and the owner—who was responsible for decision-making and operations—are jointly liable for a $60,000 civil money penalty to the CFPB. The second individual—who was responsible for recruiting consumers through marketing materials and websites—must pay a $10,000 civil money penalty to the CFPB. The Bureau noted in the announcement that the low penalties take into account the defendants’ inability to pay greater amounts.

    Consumer Finance CFPB Enforcement Lending UDAAP CFPA

    Share page with AddThis
  • CFPB Announces Final Rule Modifying ECOA Regulations, Seeks Public Comment on Proposed Disclosure of HMDA Data

    Agency Rule-Making & Guidance

    On September 20, the CFPB announced its Final Rule amending Regulation B, which implements the Equal Credit Opportunity Act (ECOA), as well as a notice of proposed policy guidance requesting public comment on modifications to loan-level HMDA data that will be made publicly available beginning in 2019.

    Amendments to Regulation B. The Final Rule, among other things, permits institutions not subject to HMDA reporting requirements to choose, on an “application-by-application basis,” between two approaches to collecting race and ethnicity data from applicants for certain dwelling-secured loans: either collect such data in the aggregate or use the disaggregated and more expansive categories required for HMDA-reporting institutions under revisions to Regulation C effective in 2018.  According to the Final Rule, this means that creditors that are not HMDA reporters could transition to using the 2016 Uniform Residential Loan Application, which was updated to comply with the upcoming changes to Regulation C. As previously covered in InfoBytes, the justification for the change was to provide consistency and clarity with respect to other Bureau rules.

    Proposed Policy Guidance Regarding Publicly Available Loan-Level HMDA Data. The CFPB has issued a notice of proposed policy guidance with a request for public comment concerning modifications that it intends to apply to publicly available loan-level HMDA data that financial institutions will be required to report in connection with the new HMDA data reporting requirements that become effective January 1, 2018. The CFPB is specifically seeking comment on whether certain data fields should be included or modified in the publicly available loan-level HMDA data; these fields include the universal loan identifier, application date, loan amount, action taken date, property address, age, credit score, debt-to-income ratio, and property value, among others. As previously covered in InfoBytes, the CFPB issued its final rule amending Regulation C in August. Comments on the proposed guidance are due 60 days after publication in the Federal Register.

    Agency Rule-Making & Guidance Consumer Finance CFPB ECOA HMDA Mortgages Regulation B Regulation C

    Share page with AddThis
  • CFPB Publishes Small Entity Compliance Guide on Arbitration Rule

    Agency Rule-Making & Guidance

    On September 15, the CFPB published a small entity compliance guide concerning the Bureau’s final arbitration rule that became effective this month. Compliance is required for “pre-dispute arbitration agreements” entered into on or after March 19, 2018. This guide provides a summary of the rule and highlights the parties and consumer financial products and services covered by the rule, as well as exclusions from the rule’s requirements. In addition, the guide includes descriptions of provisions to be included in pre-dispute arbitration agreements, clarifies the rule’s prohibition on relying on pre-dispute arbitration agreements to block class actions, and explains the record submission requirements under the rule.

    However, as previously discussed in InfoBytes, while the arbitration rule went into effect September 18, the House earlier passed a disapproval resolution, in July, to repeal the rule, with a similar measure set for discussion in the Senate.

    Agency Rule-Making & Guidance CFPB Arbitration Compliance Class Action

    Share page with AddThis
  • Data Breach Fall Out Continues: Lawsuit Filed by Massachusetts AG, NYDFS Cybersecurity Regulation to Possibly Include Credit Reporting Agencies, and Joint Letter Sent from 34 States Requesting Fee-Based Credit Monitoring Service Be Disabled

    Privacy, Cyber Risk & Data Security

    The impact from the September 7 announcement that a major credit reporting agency suffered a data breach continues to be far reaching. On September 15, the agency issued a press release announcing additional information concerning its internal investigation, as well as responses to consumer concerns about arbitration and class-action waiver provisions in the Terms of Use applicable to its support package and regarding security freezes.

    Massachusetts AG Lawsuit. On September 19, Massachusetts Attorney General Maura Healey announced it had filed the first enforcement action in the nation against the credit reporting agency. The complaint, filed in Massachusetts Superior Court, alleges that the agency ignored cybersecurity vulnerabilities for months before the breach occurred and claims that the agency could have prevented the data breach had it “implemented and maintained reasonable safeguards, consistent with representations made to the public in its privacy policies, industry standards, and the requirements of [the Massachusetts Data Security Regulations],” which went into effect March 1, 2010. The failure to secure the consumer information in its possession, the complaint asserts, constitutes an “egregious violation of Massachusetts consumer protection and data privacy laws.” Causes of action under the complaint arise from (i) the agency’s failure to provide prompt notice to the commonwealth or the public; (ii) the agency’s failure to safeguard consumers’ personal information; and (iii) the agency engaging in unfair and deceptive acts and practices under Massachusetts law. The commonwealth seeks, among other things, civil penalties, disgorgement of profits, and restitution.

    NYDFS Cybersecurity Regulation. On September 18, New York Governor Andrew M. Cuomo released a notice directing the New York Department of Financial Services (NYDFS) to issue a proposed regulation that would expand the state’s “first-in-the-nation” cybersecurity standard to include credit reporting agencies and to require the agencies to register with NYDFS. The annual reporting obligation would, according to a press release issued by NYDFS, grant it the authority to deny or revoke a credit reporting agency’s authorization to do business with New York’s regulated financial institutions should the agency be found in violation of certain prohibited activities, including engaging in unfair, deceptive or predatory practices. Under the proposed regulation, credit reporting agencies would be subject to compliance examinations by NYDFS, would be required to initially register with NYDFS by February 1, 2018 and annually thereafter, and would be required to comply with cybersecurity regulations starting on April 4, 2018, in accordance with a phased-in compliance schedule. On the same day, NYDFS issued a separate press release urging New York state chartered and licensed financial institutions to take immediate action to protect consumers in light of the recent credit reporting agency data breach. The guidance presented in the release by the NYDFS is provided in conjunction with the state’s cybersecurity regulations.

    State Attorneys General Request. On September 15, a letter co-authored by 34 state attorneys general was sent to the credit reporting agency’s legal counsel. The letter expresses concern over the agency’s conduct since the disclosure of the breach, including the offer of both fee-based and a free credit monitoring services, the waiver of certain consumer rights under the agency’s terms of service, and the charges incurred by consumers for a security freeze with other credit monitoring companies. Specifically, the attorneys general objected to the agency “using its own data breach as an opportunity to sell services to breach victims,” and argued that “[s]elling a fee-based product that competes with [the agency’s] own free offer of credit monitoring services to [data breach victims] is unfair, particularly if consumers are not sure if their information was compromised.” Accordingly, the letter requests that the agency temporarily disable links to fee-based services and extend the offer of free services until at least January 31, 2018. Further, the letter also expresses concern that consumers must pay for a security freeze with other credit monitoring companies and states that the agency should reimburse consumers who incur fees to completely freeze their credit.

    Privacy/Cyber Risk & Data Security Credit Reporting Agency State AG NYDFS Enforcement

    Share page with AddThis
  • CFPB Takes Action Against Delaware Trusts, Debt Collector for Allegedly Filing Illegal Student Loan Debt Collection Lawsuits

    Consumer Finance

    On September 18, the CFPB announced it had filed a complaint in the U.S. District Court for the District of Delaware against a collection of 15 Delaware statutory trusts and their debt collector for, among other things, allegedly filing lawsuits against consumers for private student loan debt that they could not prove was owed or that was outside the applicable statute of limitations. According to the CFPB, between 2001 and 2007, the trusts bought and securitized more than 800,000 private student loans, while the trusts contracted with the debt collector to collect on delinquent and defaulted loans. The complaint alleges that the trusts and debt collector engaged in deceptive and unfair practices between November 2012 and the end of April 2016 by: (i) filing false and misleading affidavits, including more than 25,000 affidavits that were notarized by notaries who had not witnessed the documents being signed; (ii) filing at least 2,000 suits to collect loans without the necessary documentation to show that the trusts owned the loans or to prove that a debt was owed; (iii) filing at least 486 collection suits after the statute of limitations had expired; and (iv) in some instances, providing court testimony consistent with the false affidavit statements. As a result, the trusts and the debt collector allegedly obtained over $21.7 million in judgments against consumers and collected an estimated $3.5 million in payments in cases where they lacked the intent or ability to prove the claims, if contested.

    According to the proposed consent judgment, which must be approved by a judge in the district court, the trusts are required to pay at least $3.5 million in restitution to more than 2,000 consumers who made payments resulting from the improper collection suits, to pay $7.8 million in disgorgement to the Treasury Department, and to pay an additional $7.8 million civil money penalty to the CFPB. In addition, the trusts must: (i) hire an independent auditor, subject to the Bureau’s approval, to audit all 800,000 student loans in the portfolio to determine if collection efforts must be stopped on additional accounts; (ii) cease collection attempts on loans that lack proper documentation or that are time-barred; and (iii) ensure false or misleading documents are not filed and that documents requiring notarization are handled properly.

    A separate consent order issued against the debt collector orders the company to pay a $2.5 million civil money penalty to the CFPB.

    Consumer Finance CFPB Student Lending Debt Collection Enforcement

    Share page with AddThis

Pages