Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events

Filter

Subscribe to our InfoBytes Blog weekly newsletter for news affecting the financial services industry.

  • Deputy AG Rosenstein Underscores Importance of Consistency in FCPA Enforcement

    Financial Crimes

    Deputy Attorney General Rod Rosenstein recently issued remarks highlighting the importance of the DOJ’s consistency in enforcing policies “hold[ing] individuals accountable for corporate wrongdoing.” In particular, Deputy AG Rosenstein stated that the agency should focus on improving the recent track record of brining criminal proceedings against company employees—noting that the last 20 DOJ corporate FCPA enforcement actions have lacked related criminal charges against company employees—and that, going back to 2008, approximately 80% of DOJ corporate FCPA enforcement actions have lacked related criminal charges against company employees. He noted that various DOJ policies, including the Yates Memo and the FCPA Pilot Program, have shifted the focus away from entity liability, and toward issues surrounding individual officer or director liability.

    The comments are yet another in the steady drumbeat of calls, both internal and external to the DOJ, for DOJ enforcement strategy to hold individual corporate employees accountable for FCPA violations, although how much that strategy is being implemented remains to be seen. As Deputy AG Rosenstein’s comments concluded: “When we are serious about wanting people to follow rules, it does no good merely to post them. We need to make clear our intent to enforce the rules, with sufficient vigor that people fear the consequences of violating them.”

    Financial Crimes FCPA Enforcement Action State AG DOJ FCPA Pilot Program

    Share page with AddThis
  • Life Science Research Company Appeals $11 Million Verdict Awarded to FCPA Whistleblower

    Financial Crimes

    Following a $55 million civil and criminal FCPA settlement by a life science research and diagnostics company in November 2014, the company’s former General Counsel and Secretary filed a civil complaint against the company and executive officers and board members alleging that he was fired for blowing the whistle on FCPA issues. In February 2017 a jury awarded the former employee a total of $11 million in punitive and compensatory damages (including double back-pay under Dodd-Frank).

    The company recently appealed that verdict to the Ninth Circuit on the grounds that the trial court should have directed the verdict in favor of the company because, it argues, the alleged FCPA violations were the result of the former employee’s lack of due diligence, because he did not first consult the company’s compliance officers and FCPA lawyers before reporting, and because his allegations were discredited by trial witnesses. The company also claims that the trial court wrongly excluded certain impeachment testimony, and that he did not qualify as a “whistleblower” under Dodd-Frank in light of his internal reporting. 

    Financial Crimes FCPA Whistleblower

    Share page with AddThis
  • OCC Acting Comptroller Discusses Innovation and Technology in the Financial Services Industry

    FinTech

    On October 19, OCC Acting Comptroller of the Currency Keith A. Noreika spoke at Georgetown University’s Institute of International Economic Law’s Fintech Week to discuss innovation within the financial technology sector and its impact on the evolution of the financial services marketplace. “[W]hat has allowed the business of banking to evolve so successfully is that we have remained open to change and created a framework of laws and regulation over time that allows banking activities to evolve,” Noreika remarked. “[W]e have to be careful to avoid defining banking too narrowly or in a stagnant way that prevents the system from taking advantage of responsible advances in technology and commerce.”

    Noreika spoke about the OCC’s Office of Innovation (Office), which was created earlier this year to facilitate discussions related to fintech and financial innovation. A pilot framework is currently being developed by the Office to create a “controlled environment” for banks to develop and test products to provide insight into a “proposed product’s controls and risks” and how it might possibly impact OCC policies in the future.

    Noreika also discussed the OCC’s position on issuing special purpose national bank charters to non-depository fintech companies seeking to expand into the banking sector—a concept currently being contested by both the Conference of State Bank Supervisors (CSBS) and the New York Department of Financial Services (NYDFS), and one which the OCC has not yet made a decision (See previous InfoBytes coverage of CSBS’ and NYDFS’ challenges here and here.) Addressing claims that fintech charters would inappropriately mix banking and commerce, Noreika refuted the argument and stated that his suggestion was to “talk to any company interested in becoming a bank and that commercial companies should not be prohibited from applying—if they meet the criteria for doing so.” Further, a “chartered entity, regulated by the OCC, would be a bank, engaged in at least one of the core activities of banking” as defined by the Bank Holding Company Act.

    Fintech OCC Bank Holding Company Act CSBS NYDFS Banking

    Share page with AddThis
  • European Commission Releases First Annual E.U.-U.S. Privacy Shield Review; Framework Works Well With Room for Improvement

    Privacy, Cyber Risk & Data Security

    On October 18, the European Commission (Commission) released its first annual review of the E.U.-U.S. Privacy Shield (Privacy Shield) framework for transatlantic data transfers, citing the Privacy Shield “ensures an adequate level of protection for personal data,” but “there is some room for improving its implementation.” In the report, the Commission’s findings and conclusions cover topics including: (i) redress options for EU individuals; (ii) complaint handling and enforcement procedures to “safeguard individual rights”; (iii) cooperation with European Data protection authorities; and (iv) the process for  certifying companies under the Privacy Shield. However, the report also makes recommendations for improvement, such as (i) increasing U.S. oversight into whether U.S. companies are complying with the Privacy Shield’s requirements to protect European’s personal data; (ii) conducting regular reviews to ensure companies are not making false claims about their participation in the Privacy Shield; and (iii) establishing a closer means of communication between “privacy enforcers” to develop guidance.

    Acting FTC Chairman Maureen K. Ohlhausen commented on the Commission’s review: “Enforcing international privacy frameworks such as Privacy Shield is an integral part of our Privacy and Data Security program, as highlighted in three recently announced Privacy Shield enforcement actions. We look forward to continuing to work with our European counterparts to ensure that the Privacy Shield remains a robust mechanism for protecting privacy and enabling transatlantic data flows.” (See InfoBytes coverage of the three FTC enforcement actions here, and refer here for previous InfoBytes coverage of the Privacy Shield.)

    Privacy/Cyber Risk & Data Security FTC Enforcement International

    Share page with AddThis
  • CFPB Publishes Mortgage Servicing Small Entity Compliance Guide and Executive Summary

    Agency Rule-Making & Guidance

    On October 19, the CFPB released version 3.0 of its mortgage servicing Small Entity Compliance Guide. The updated guide supports implementation of amendments to the Bureau’s mortgage servicing interim final rule issued October 4, which provides servicers, who are subject to a cease in communication request, a 10-day window to provide modified early intervention notices at the end of the 180-day period. The interim final rule takes effect October 19, at the same time the broader amendments to the early intervention requirements take effect. (See previous InfoBytes coverage here.) An updated Executive Summary, which highlights key changes to provisions of the 2016 Mortgage Servicing Rule, the 2016 FDCPA Interpretive Rule, and the October 2017 interim final rule has also been released.

    Agency Rule-Making & Guidance CFPB Mortgage Servicing FDCPA

    Share page with AddThis
  • NYDFS Announces Two New Regulations Targeting Title Insurance Practices

    State Issues

    On October 17, the New York Department of Financial Services (NYDFS) adopted two final regulations designed to stop “unscrupulous practices” in the title insurance industry. The final regulations—which are the culmination of a NYDFS’ investigation into the practices of title insurers—supersede “emergency” versions of both regulations that went into effect earlier this year. (See previously InfoBytes coverage here.) Specifically, the first rule clarifies that certain “reasonable and customary” advertising and marketing expenses will be permitted provided “they are without regard to insured status or conditioned directly or indirectly on the referral of title business.” Meals, entertainment, and other forms of inducements are prohibited. According to a NYDFS press release, the state’s “anti-inducement statute is not limited to situations in which there is a direct quid pro quo for business.” The second rule requires, among other things, that title insurance companies or agents function independently from any affiliates through which they generate a portion of their business and make “good faith” efforts to accept business from non-affiliate sources.

    State Issues Consumer Finance NYDFS Kickback Title Insurance Mortgages

    Share page with AddThis
  • CFPB Updates HMDA Implementation Materials; Federal Regulatory Agencies Release Key Data Fields

    Agency Rule-Making & Guidance

    On October 17, the CFPB published a new reference chart titled “Reportable HMDA Data: A Regulatory and Reporting Overview Reference” designed to be used as a reference tool for required data points to be collected, recorded, and reported under Regulation C. The chart takes into account HMDA rules issued on August 24, which generally take effect January 1, 2018. (See previous InfoBytes coverage here.) The CFPB noted that the reporting reference chart “does not itself establish any binding obligations” and is not intended to be viewed as a “substitute for the regulation or its official commentary.”

    Separately that same day, in a measure to promote efficiency and consistency, the Board of Governors of the Federal Reserve, FDIC, and OCC identified 37 key data fields that examiners will typically use to test and validate the accuracy and reliability of data collected under the new HMDA requirements beginning in 2018. In certain circumstances, however, examiners may find it necessary to review additional HMDA data fields as appropriate. OCC Acting Comptroller of the Currency Keith Noreika noted in a statement that these actions should help ensure the accurate collection of HMDA data without creating “needless burden” on community banks surrounding the full resubmission of data “simply because of a few minor errors.”

    Agency Rule-Making & Guidance HMDA Mortgages Regulation C CFPB Federal Reserve FDIC OCC

    Share page with AddThis
  • FTC Obtains Default Judgment Against Operations That Allegedly Sold Counterfeit Payday Loan Debt Portfolios

    Consumer Finance

    On October 17, the FTC issued a press release announcing a default judgment in an action brought against two Kansas-based operations and their owner (defendants), who allegedly violated the Federal Trade Commission Act by selling lists of counterfeit payday loan debt portfolios to debt collectors. The allegations claimed that in numerous instances, the portfolios listed “loans that the identified lenders have not, in fact, made to the identified consumers,” and that the defendants “have not purchased, or otherwise obtained, any rights to collect loan debts originated by the lenders listed . . ., nor have they engaged in any transaction that authorizes them to collect, sell, distribute, or transfer any valid loans originated by those lenders.” As a result, numerous consumers were contacted by various debt collectors demanding repayment of the fake debts, and in some instances, consumers made payments to either stop the collection calls or because they feared becoming delinquent. Under the terms of the default judgment, the defendants (i) must pay more than $4.1 million as equitable monetary relief; (ii) are banned from handling sensitive financial information, such as “bank account numbers, credit or debit card numbers, or social security numbers”; and (iii) are prohibited from misrepresenting material facts.

    Consumer Finance FTC Enforcement Payday Lending Settlement Debt Collection FTC Act Regulator Enforcement

    Share page with AddThis
  • CFPB Issues Principles Concerning Security and Transparency for Financial Data Sharing and Third-Party Aggregation

    Privacy, Cyber Risk & Data Security

    On October 18, the CFPB published guidelines entitled “Consumer Protection Principles” (Principles), which are “intended to reiterate the importance of protecting consumers” when companies, including “fintech” firms, banks, and other financial institutions, get authorization from consumers to access their account data that reside in separate organizations to provide products and services. Earlier this year, industry groups responded to a CFPB request for information and weighed in on the benefits and risks associated with consumers authorizing third parties to access their financial and account information held by financial service providers. (See previous InfoBytes summary here.) Along with the Principles, the CFPB published a summary of stakeholder insights, which highlights the feedback received by the Bureau. Separately, on October 16, Senator Edward J. Markey (D-Mass.) sent a letter to Director Richard Cordray raising concerns about data security during the transfer of consumer data to third-party aggregators and highlighting the need for transparency concerning the use of the data.

    The Principles address the following areas: (i) data access; (ii) data scope and usability; (iii) control of data and informed consent; (iv) payment authorizations; (v) data security; (vi) transparency on data access rights; (vii) data inaccuracies; (viii) dispute rights and unauthorized access resolution; and (ix) mechanisms for efficient and effective accountability.

    Notably, the Bureau recognized that there already exist statutes and regulations that apply to consumer protections in this market. As such, the Principles “are not intended to alter, interpret, or otherwise provide guidance on—although they may accord with—the scope of those existing protections,” and therefore do not establish “binding requirements.”

    Privacy/Cyber Risk & Data Security Consumer Finance CFPB Vendor Management Third-Party Fintech eCommerce

    Share page with AddThis
  • CFTC Issues Primer on Virtual Currencies, Claims Certain Virtual Tokens Fall Under Its Oversight

    Securities

    On October 17, the U.S. Commodity Futures Trading Commission (CFTC) announced the release of “A CFTC Primer of Virtual Currencies” (Primer) issued by its LabCFTC division. As previously discussed in Infobytes, the LabCFTC initiative rolled out in May of this year to engage innovators in the financial technology industry to promote responsible fintech innovation within regulated CFTC markets. In this Primer—a first in a series—the CFTC discusses potential use-cases for virtual currencies and outlines the agency’s role and oversight of virtual currencies. The Primer also highlights the risks associated with virtual currencies, such as (i) the susceptibility of “digital wallets” to cybersecurity hacks; (ii) inadequate safeguards and other customer protection related systems on virtual currency exchanges; and (iii) the susceptibility of virtual currencies to Ponzi schemes and other types of frauds.

    The CFTC noted that there’s no inconsistency between the SEC’s analysis that Initial Coin Offerings or Token Sales may be subject to federal securities law (see previous InfoBytes coverage here) and CFTC’s determination that virtual currencies are commodities and virtual tokens “may be commodities or derivatives contracts, depending on the particular facts and circumstances.” Last month, as discussed in InfoBytes, the CFTC also filed its first-ever antifraud enforcement action for activities involving Bitcoin investment solicitations.

    Securities Fintech Agency Rule-Making & Guidance CFTC Digital Commerce Initial Coin Offerings Virtual Currency Bitcoin SEC

    Share page with AddThis

Pages