Skip to main content
Menu Icon Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events


Subscribe to our InfoBytes Blog weekly newsletter for news affecting the financial services industry.

  • Colorado UCCC Administrator Opinion Provides Guidance on Debt Cancellation and Suspension Agreement Fees

    State Issues

    On August 7, the Colorado Attorney General’s Office, through the Administrator of the Uniform Consumer Credit Code (UCCC), issued an Administrator Opinion to provide clarification on fees related to debt cancellation and suspension agreements. The UCCC has adopted and authorized rules permitting additional charges to be assessed in addition to a finance charge, such as fees for Single Premium Non-Credit Insurance, Involuntary Unemployment Insurance Premiums, and Guaranteed Automobile Protection. However, because the UCCC has not yet adopted by rule permissible fees for debt cancellation and suspension agreements, those fees must be included in the calculation of the finance charge, even if they are “permitted by federal or state law or regulation—including debt cancellation and suspension agreements offered by Colorado-[c]hartered [b]anks, Colorado-[c]harted [i]ndustrial [b]anks, and Colorado-[c]hartered [c]redit [u]nions.” This Administrator Opinion rescinds the November 9, 2004 Advisory Opinion titled “Debt Cancellation and Suspension Agreements Offered by Colorado-Chartered Banks, Colorado-Chartered Industrial Banks, and Colorado Chartered Credit Unions.” Organizations have 120 days to comply with the newly issued guidance.

    State Issues State AG Auto Finance Debt Cancellation UCCC

    Share page with AddThis
  • National Insurance Company Settles States’ Investigation over 2012 Data Breach, Pays $5.5 Million in Settlement

    Privacy, Cyber Risk & Data Security

    On August 9, a national insurance company and its wholly-owned subsidiary reached a $5.5 million settlement with 32 states and the District of Columbia to resolve the states’ investigation into a 2012 data breach, which allegedly caused the personal information of certain consumers to be compromised—including social security and driver’s license numbers, as well as credit scoring information and other data. According to the states’ investigation, the October 2012 data breach occurred when hackers were able to exploit a vulnerability in the company’s website application hosting software. A security patch was later applied. Under the terms of the Assurance of Voluntary Compliance, the company agreed to a number of requirements, including:

    • providing an online disclosure notifying consumers that personal information is retained even if they do not become insured;
    • appointing an individual to oversee company security practices and manage and monitor software and application security updates, including security patch monitoring; and
    • hiring an outside, independent provider to conduct a “patch management audit” of the company’s covered systems.

    The majority of the requirements last three years.

    The company, while admitting that it experienced a data breach, denied any liability or wrongdoing.

    Privacy/Cyber Risk & Data Security Settlement State AG

    Share page with AddThis
  • Virginia AG Announces Settlement with Small Dollar Lender Over Excessive Fees

    State Issues

    On August 1, Virginia Attorney General Mark Herring announced​ a settlement with a Virginia pawnbroker to resolve allegations that the company violated the Virginia Consumer Protection Act (VCPA) by offering consumers small dollar loans in exchange for personal property—held as security for the loans—and then charging interest and fees beyond the limits allowed by the state’s statutes applicable to pawnbrokers. According to a press release issued by the Attorney General’s office, the settlement requires the company to provide refunds of more than $27,000 to borrowers and reimburse the state for expenses incurred during the investigation. A permanent injunction also prohibits the company from violating state pawnbroker statutes and the VCPA.

    State Issues State AG Lending Payday Lending

    Share page with AddThis
  • Massachusetts AG Announces Settlement with Law Firm Over Debt Collection Practices

    State Issues

    On June 27, Massachusetts Attorney General Maura Healey announced a $1 million settlement with the largest debt collection law firm in the state to resolve allegations that the firm engaged in unfair and unlawful debt collection practices. According to a lawsuit filed by the Attorney General’s office in 2015, the firm began filing tens of thousands of debt collection lawsuits each year beginning in 2011, at times targeting the wrong consumers or filing claims based on unsubstantiated debts. The firm also allegedly demanded payment from consumers who relied on social security or other exempt income, despite being provided evidence that the income was exempt from court-ordered collection. Under the terms of the settlement, the company is required to reform its debt collection practices by adhering to guidelines including the following:

    • The firm is required to obtain and review “original account-level documentation” prior to initiating a collection to determine whether a consumer is obligated to pay the debt such as, among others, (i) an authenticated bill of sale reflecting the transferred ownership of debt; (ii) original documents reflecting the charge-off balance; (iii) contractual terms and conditions; and (iv) original consumer signed documents showing proof the account was opened;
    • The firm is prohibited from engaging in threatening actions to collect on a debt initiated on behalf of a collector or debt buyer, and is further restrained from commencing a collection suit without possessing a final judgment or execution against the consumer, or acceptable account-level documentation;
    • The firm cannot initiate a collection suit against a consumer until an attorney listed on the company in the collection suit has reviewed the pertinent information and made the determination that the debt owed is not subject to bankruptcy proceedings and certifies in writing that the collection suit is in compliance.

    The settlement terms also stipulate that the firm must comply with collection terms and restrictions concerning exempt and protected income, must adhere to time-barred debt collection restrictions, is enjoined from using false and misleading affidavits to collect debts, and must submit enhanced compliance reporting to AG Healey for review. Additionally, the firm previously paid $1 million to the state to be used in one or more of the following ways: (i) as payments to consumers; (ii) to assist with final judgment facilitation; (iii) to be added to the state’s general fund and/or the Local Consumer Aid Fund; and (iv) to fund programs that “address the negative effect of unfair and deceptive practices related to debt collection.”

    State Issues State AG Debt Collection UDAAP Litigation Settlement

    Share page with AddThis
  • Massachusetts AG Leads AG Coalition Urging Senate to Oppose Joint Resolution to Set Aside CFPB Arbitration Rule

    Agency Rule-Making & Guidance

    On July 28, Massachusetts Attorney General Maura Healey, along with 20 other state attorneys general, issued a letter to Senate Majority leader Mitch McConnell and Minority Leader Charles Schumer, urging Senate leaders to oppose S.J.Res. 47—a joint resolution that would set aside the CFPB’s arbitration rule. As previously discussed in InfoBytes, on July 25, the House exercised its authority under the Congressional Review Act to pass a measure to strike down the rule. The coalition of state attorneys general support the CFPB’s proposed rule, which prohibits the use of mandatory pre-dispute arbitration clauses in certain contracts for consumer financial products and services. The letter asserts that most customers lack the time and resources to enter into arbitration and that “[t]he CFPB’s Arbitration Rule would deliver essential relief to consumers, hold financial services companies accountable for their misconduct, and provide ordinary consumers with meaningful access to the civil justice system.”

    In 2016, AG Healey led a group of 17 state attorneys general who offered support to the CFPB in favor of the Bureau’s proposed rule and asserted a need for regulations that would prohibit such clauses outright. (See previous InfoBytes coverage here.)

    Agency Rule-Making & Guidance State AG CFPB Consumer Finance Arbitration CRA U.S. Senate U.S. House

    Share page with AddThis
  • District Judge Denies Summary Judgement in FTC, New York AG FDCPA Suit


    On July 18, the U.S. District Court for the Western District of New York denied summary judgment in a suit filed by the FTC and the New York Attorney General against four corporate defendants (Corporate Defendants) and four individual defendants (Individual Defendants) alleging that the Defendants engaged in abusive and deceptive debt collection practices. See Federal Trade Commission and People of the State of New York v. Vantage Point Services, LLC, Case 1:15-cv-00006-WMS-HKS (W.D.N.Y., Jul. 18, 2017). Plaintiffs argued that the Corporate Defendants, together with several non-defendant debt-collecting businesses, engaged in a single debt-collection enterprise. The Corporate Defendants maintained, however, that while they “did business with the various entities, either by placing debt with them or by processing payments on debt they were collecting,” the businesses remained separate, distinct entities, and they operated independently.

    The court found that there were “numerous disputed issues of fact” concerning the plaintiffs’ common enterprise theory, including a failure by the plaintiffs to specify which entities allegedly made threats or used illegal tactics to collect debt. Indeed, the court noted that while there was “overwhelming evidence of wrongdoing,” the plaintiffs had “failed to link that wrongdoing to any specific Defendant.” In fact, the court observed that the “majority of the wrongdoing appears to have been committed by the non-defendant call initiators.” The court also found material disputes of fact as to whether the Corporate Defendants shared office space and commingled funds and as to whether the Individual Defendants were liable at all.

    Courts State AG Debt Collection Litigation UDAAP FDCPA

    Share page with AddThis
  • Ohio Enacts Consumer Installment Loan Act

    State Issues

    On June 13, Ohio Governor John R. Kasich signed into law S.B. 24, the Ohio Consumer Installment Loan Act (CILA). According to a blog post on the Ohio senate majority caucus’ website, CILA aims to “clarify Ohio's installment lending laws to help eliminate confusion for consumers and lenders as well as simplify the role of industry regulators.” CILA applies to loans that, among other requirements, exceed a term of six months, generally require equal monthly payments, are not secured by real property, are not covered by any other Ohio loan laws, and have a maximum interest rate of 25 percent (or 28 percent for an open-end loan). CILA also provides for regulation and lender licensing by the state’s Division of Financial Institutions in the Department of Commerce. The law goes into effect on July 1.

    State Issues Consumer Finance Installment Loans Lending NMLS State AG State Legislation

    Share page with AddThis
  • Judge Issues Ruling Ordering Unused Consumer Redress Funds to be Deposited in the Treasury


    On June 20, a federal judge in the U.S. District Court for the Southern District of New York ordered that leftover funds from a $50 million settlement must be transferred to the Treasury, ultimately ruling against a memorandum filed by the Attorneys General of Connecticut, Indiana, Kansas, and Vermont (State AGs) that sought to redirect the remaining $15 million to be used to “train, support and improve the coordination of the state consumer protection attorneys charged with enforcement of the laws prohibiting the type of unfair and deceptive practices alleged by the CFPB in this [a]ction.” (See previous InfoBytes summary here.) Notably, the judge stated, “the State AGs’ proposal does not reflect the [settling] parties' true intent . . . Nowhere in the Final Judgment or the Redress Plan is there any language supporting the State AGs’ view that leftover funds should broadly aid consumers.” The judge opines further that “[c]ondoning an unintended use of the settlement funds—in the absence of any other equitable relief reasonably related to the allegations of the Complaint—would be tantamount to misappropriating funds that otherwise should be in the public fisc.” The judge further noted that had the State AGs’ memorandum been granted, it would “permit State actors . . . to hijack a significant portion of the settlement funds under the guise of ‘consumer protection,’ all for the purpose of underwriting a project that principally benefits the States.”

    Courts Consumer Finance CFPB DOJ State AG Litigation Treasury Department

    Share page with AddThis
  • Bipartisan Coalition of State Attorneys General File Petition to the FCC Seeking Broadband Consumer Protections

    Agency Rule-Making & Guidance

    On June 19, New York Attorney General Eric T. Schneiderman announced a petition filed on behalf of a bipartisan coalition of 35 state attorneys general to jointly oppose a cable and telecommunications industry petition, which is intended to stop state and local authorities from enforcing state consumer protection laws and leave the regulating of broadband disclosure requirements to the authority of the FCC. In seeking a declaratory ruling from the FCC, the industry groups request confirmation and clarification on federal regulatory requirements governing broadband speed disclosures, and further assert that “national, uniform rules [are] particularly important” once the FCC launches procedures to implement a “national ‘light-touch framework.’” In response to the petition, the FCC filed a public notice for comment on May 17. The state attorneys general, in responding to the request, claim the petition “asks the FCC to convert a limited safe harbor from FCC’s own enforcement, into blanket federal and state immunity for fixed and wireless broadband companies from liability for false statements contained in advertisements and marketing.” Furthermore, they assert that the industry groups are seeking a ruling that exceeds the FCC’s authority, is “procedurally improper,” and would “upend the longstanding dual federal-state regulation of deceptive practices in the telecommunications industry—which would leave consumers across the country without the basic state protections from unfair and deceptive business practices.”

    Agency Rule-Making & Guidance Privacy/Cyber Risk & Data Security State AG Disclosures

    Share page with AddThis
  • 15 State Attorneys General Clarify Data Breach Notification Laws

    Privacy, Cyber Risk & Data Security

    On June 5, 15 state attorneys general issued a joint letter to an e-commerce hosting company refuting the company’s assertion in its FAQ provided to online retailers that they are not obligated to notify customers of a data breach in situations where credit card CVV numbers were not disclosed. According to claims made by the attorneys general, the company erroneously stated that, pursuant to the identified states’ data breach notification laws, “there is no obligation to notify in those states . . . if your customers’ CVV data was not exposed.” The attorneys general argued that this is incorrect and stated, “[t]he CVV number does not have to be disclosed to trigger our states’ notification obligations.” The letter noted as an example, New York General Business Law § 899-aa(1)(b)(3), which stipulates that companies must provide notification of a data breach to affected customers when a credit or debit card number plus “any required security code, access code, or password” that would permit access to the account is obtained by an unauthorized party. The attorneys general stated that a CVV code is not a required access code because the card can be used without it. The company is required to provide clarification regarding its FAQ to affected client retailers.

    Privacy/Cyber Risk & Data Security State AG Data Breach Credit Cards Consumer Finance

    Share page with AddThis