InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FTC sues for-profit university for deceptive and illegal practices
On December 27, 2023, the FTC filed a suit in the U.S. District Court of Arizona against a for-profit university for allegedly deceiving students, misrepresenting the university as a nonprofit entity, and committing telemarking abuses. The FTC sued under the FTC Act and Telemarketing Sales Rule (TSR). The complaint alleges that the university in question is a for-profit institution operating as a publicly traded entity, but nonetheless marketed itself as a “nonprofit” university. The complaint further alleges that the university misled students about the cost of its “accelerated” doctoral programs and used abusive telemarketing calls to try to boost enrollment. According to the FTC, the university called those who requested not to be called by the university, as well as consumers on the National Do Not Call Registry. The FTC asserts five claims against the university. The first two counts allege violations of Section 5(a) of the FTC Act for deceptive representations about its non-profit status and for falsely advertising its doctoral programs. The last three counts allege violations of the TSR predicated on deceptive telemarketing acts or practices, contacting those who have requested to not be contacted, and calling people on the National Do Not Call Registry.
DOJ announces crackdown on fraud networks targeting consumer accounts
On December 15, in conjunction with the DOJ’s Consumer Protection Branch efforts to crack down on fraud, the DOJ unsealed two cases against groups that allegedly stole money from consumer accounts with financial institutions. According to the DOJ, the groups used “deceptive tactics” to cover the fraud, and in the two cases, the Department is seeking “temporary restraining orders and the appointment of receivers to stop defendants from dissipating assets.”
The first case (in the U.S. District Court for the Southern District of Florida) involves a group that allegedly committed bank and wire fraud and stole millions from consumers and small businesses by repeatedly creating sham companies. According to the complaint, since at least 2017, the defendants operated fraud schemes disguised as legitimate online marketing service providers by fabricating websites, forging consumer authorizations for charges, and establishing a “customer service” call center to handle complaints. The defendants allegedly obtained bank account information from individuals and small businesses without permission and utilized payment processors to make unauthorized debits to accounts. The DOJ claims that, to carry out the fraud, the defendants used remotely created checks, which are created remotely by a payee using the account holder’s information but without their signature. The second case (in the U.S. District Court for the Eastern District of California) bears many similarities to the first case, including the type of alleged fraud scheme. Both cases also involve the use of “microtransactions,” which are low-dollar fake transactions designed to artificially lower the apparent rate of return or rejected transactions. The defendants in the second case in particular allegedly gathered large deposits from their merchant clients and used those funds to initiate microtransactions that appeared as if they were payments for the merchants’ goods and services. Essentially, according to the Department’s complaint, the merchants paid themselves: the funds initially paid to the defendants were returned to the merchants as microtransactions, while the defendants allegedly collected a percentage of the transactions as service fees.
FTC announces settlement of charges against operators of alleged telemarketing training scheme
On December 11, the FTC issued a press release announcing proposed orders against the CEO and other related individuals and businesses of an income telemarketing training scheme. In connection with the settlement, the FTC filed a complaint in the U.S. District Court of the Middle District of Tennessee alleging violations of the FTC Act and the Telemarking and Consumer Fraud and Abuse Prevention Act. The FTC alleged that the defendants, a Tennessee-based group of companies, practiced deceptive and unlawful advertising, marketing, promotion, distribution, and selling of money-making and investment opportunities in offering a sales mentor program. The complaint alleges defendants performed these acts through several business entities via a telemarketing sales training and coaching program and through marketing practices on social media platforms. Since 2019, consumers paid more than $29 million to defendants for access to this sales training program.
The FTC filed two stipulated judgments for “permanent injunction, monetary judgment, and other reliefs.” The orders contain a total monetary judgment of $16.4 million. The stipulated orders also prohibit the defendants from: (i) making misleading earnings claims, so if the defendants make earnings claim in the future, they have to have a reasonable basis for those claims; and (ii) misrepresenting any sales of goods or services, including the description of the good or service, any past performance, any testimonials, any future predictions of profit earnings, among others. The defendants will also be required to turn over a total of $1 million to be used to refund harmed consumers, with one CEO ordered to pay $600,000 and the other defendants ordered to pay $400,000. All defendants neither admit nor deny any of the allegations in the complaint.
SEC and DOJ charge two co-CEOs operating a $100 million fraud scheme
On November 9, the SEC and DOJ charged two co-CEOs of a tech investment firm for allegedly directing a $100 million fraud scheme. The two individuals were the founders of a failed Fresno-based technology company and were charged with “conspiring to commit wire fraud and taking more than $100,000,000 from various businesses and individuals” under U.S.C. § 1349. The two founders allegedly misled investors through falsified documents, bank records, auditing reports, and accounting statements.
The DOJ alleges that, as recently as January 2022, “[the two individuals lied] to board members, investors, lenders, and others about [the company’s] finances to obtain investments, loans, and other funding… Much of the money went towards paying payroll, including the [co-CEOs’] $600,000 per year salaries.” Authorities discovered the alleged fraud scheme back in May 2023 when the company failed to make payroll and then terminated all its 900 employees. If convicted, the two founders face a maximum statutory penalty of 20 years in prison each and a $250,000 fine.
Fed seeks comment on lowering the interchange fee for debit card issuers
On October 25, the Fed announced a proposed rule that would lower the maximum interchange fee that a debit card issuer with at least $10 billion in total consolidated assets can receive for a debit card transaction and would also establish a regular process for updating the maximum fee amount every other year going forward. Moreover, the Board approved the release of its latest biennial report which sets forth data collected from larger debit card issuers on interchange fees, issuer costs, and fraud related to debit card transactions.
Under the Dodd-Frank Act, the Fed is required to establish standards for assessing whether the amount of any interchange fee received by a debit card issuer is reasonable and proportional to the costs incurred by the issuer for the applicable transaction, which results in the Fed setting an interchange fee cap. The FRB developed the fee cap in 2011 using data provided by large debit card issuers with $10 billion or more in assets. But since that time, the Fed has found that certain costs incurred by such debit card issuers have declined dramatically, yet the interchange fee cap has remained the same. As such, the Fed (i) proposes to update the interchange fee cap based on the latest data reported to the Board by large debit card issuers, and (ii) proposes to update the fee cap every other year by linking the fee cap to data from the Fed’s biennial report of large debit card issuers.
The comment period will close 90 days after the proposal is published in the Federal Register.
FTC reports on efforts to combat cross-border fraud and ransomware attacks
On October 20, the FTC published two reports outlining its efforts to protect consumers against cross-border fraud and ransomware attacks.
In the first report, the FTC described the US SAFE Web Act (SAFE WEB), passed in 2006, as an “indispensable” tool to combat cross-border fraud and protect consumers in an increasingly global and digital economy. For example, the report noted that since SAFE WEB was passed, the FTC has used the law in myriad ways: issuing more than 140 civil investigative demands on behalf of 21 foreign agencies from eight countries; engaging in 148 staff exchanges to build cooperation with foreign counterparts; and sharing confidential information from FTC files with 43 law enforcement agencies in twenty different countries. The report also indicated that SAFE WEB has allowed the FTC to pursue and stop harmful conduct in the US and defend against challenges to its jurisdictional authority over foreign companies targeting American consumers. Notably, SAFE WEB helped the FTC (i) shut down a real estate investment scam that took in more than $100 million (the largest such scheme the FTC has ever targeted); (ii) cooperate with privacy authorities in Canada and the United Kingdom to pursue actions against an online dating site that deceived consumers and failed to protect the account and profile information of more than 36 million individuals; (iii) and work with foreign law enforcement agencies to stop fraudulent money transfers to certain money transfer companies located in Spain in connection with a Nigerian email scam. The FTC recommends that Congress permanently reauthorize SAFE WEB to preserve the agency’s ability to fight cross-border fraud.
In the second report, the FTC discussed its work to target ransomware and other cyber-attacks. The FTC highlighted its longstanding data security enforcement program, which seeks to ensure that businesses engage in reasonable practices to protect the data of their customers. Moreover, the RANSOMWARE Act refers specifically to China, Russia, North Korea, and Iran. The report stated that although the FTC has taken data security-related enforcement actions involving connections to China and Russia, the FTC has had limited interactions with government agencies in China, Russia, North Korea, and Iran. The report included several recommendations for Congress, including making SAFE WEB permanent, amending a provision in the FTC act which would restore the FTC’s ability to provide refunds to harmed consumers, and enacting privacy and data security legislation which would be enforceable by the FTC. The FTC also urged businesses to take steps to safeguard customer data, including retaining information only so long as there is a legitimate business need, restricting access to sensitive data, and storing personal information securely and protecting it during transmission.
FTC data spotlight reveals social media as primary source for scams over other contact methods
On October 6, the FTC released a data spotlight showing that more scams have originated on social media than on any other method of contact with consumers, accounting for $2.7 billion in consumer losses from 2021 to 2023. The FTC reports that the most frequently reported frauds in 2023 were online shopping scams on social media. However, promotions of fake investment opportunities, mostly those relating to cryptocurrency, on social media had the largest overall monetary losses. The FTC also provided a list of tips for consumers to limit their risks of fraud on social media, including restricting who can contact them on these platforms.
District Court grants summary judgement for bank in “spoofing” case
On September 29, the U.S. District Court for the Southern District of New York granted summary judgement on all claims in favor of the defendant bank, while denying summary judgement for the New Jersey-based plaintiff. The plaintiff alleged violations of the UCC, breach of contract, and gross negligence arising from a “spoofing” fraud incident that resulted in more than $8.5 million being wired from the plaintiff’s account with the defendant. The district court reasoned that the plaintiff was not entitled to a refund because the plaintiff’s employees authorized the wires – and claims under Section 4-A of the UCC require that a payment order be both not authorized and not effective in order to refund a payment. The court rejected the plaintiff’s argument that the wires were improper because the bank’s policy prohibited bank employees from authorizing wires over $500,000 – noting that the policy was for “internal use only,” and solely for the bank’s protection. Further, the court rejected the plaintiff’s common law claims as pre-empted by Article 4-A.
Senate Banking Committee debates AI in finance: balancing opportunities and risks
On September 20, the Senate Banking Committee held its first hearing on the use of artificial intelligence (AI) in the financial services space, further revealing a partisan divide regarding the utilities and risks associated with the technology. In his opening remarks, Committee Chairman Sherrod Brown cautioned that although AI technology promises new efficiencies and opportunities, it also carries unique risk of harm to consumers and workers in the financial services space, including the potential for discriminatory practices in lending and the reduction of job security and wages. He called for “rigorous testing and evaluation of AI models” before they are put to use by companies and other organizations in the financial services space. By contrast, Chairman Brown’s counterpart, Acting Ranking Member Mike Rounds touted the successes that similar technologies have brought to the financial services industry and stated that AI presents more upside than risk, particularly in the space of fraud detection and prevention. He urged Congress to take a “pro-innovative” role in regulating AI and warned that halting or slowing progress in this space will only allow competitors in other countries to develop more advanced technologies.
The Committee then heard from several witnesses working in the AI and machine learning (ML) space, including both industry professionals and professors. Overall, these witnesses championed the potentials of AI, explaining its potential for “greater efficiency, enhanced insight, expanded access, and lower costs” but cautioned that the utilization of AI and ML is not a “one size fits all” model and will require careful consideration and oversight to minimize the risks it could pose to consumers and the markets.
7th Circuit: No causation in FCA claims against mortgage servicer
On June 14, the U.S. Court of Appeals for the Seventh Circuit affirmed a district court’s grant of summary judgment in favor of a defendant mortgage servicer, holding that while the plaintiff had sufficient proof of materiality with respect to alleged violations of the False Claims Act (FCA), plaintiff failed to meet her burden of proof on the element of causation. Plaintiff (formerly employed by the defendant as an underwriter) alleged the defendant made false representations to HUD in the course of certifying residential mortgage loans for federal insurance coverage. She maintained that HUD would not have endorsed the loans for federal insurance if it had known defendant was not satisfying the agency’s minimum underwriting guidelines. Defendant moved for summary judgment after the district court excluded the bulk of plaintiff’s “expert opinion,” arguing that plaintiff could not meet her evidentiary burden on the available record. The district court sided with defendant, ruling that as a matter of law, plaintiff could not prove either materiality (due to the lack of evidence that would allow “a reasonable factfinder to conclude that HUD viewed the alleged underwriting deficiencies as important”) or causation (the false statement caused the government’s loss).
On appeal, the 7th Circuit explained that to show proximate causation, plaintiff was required to identify evidence indicating that the alleged false certifications in reviewed loans were the foreseeable cause of later defaults, as defaults trigger HUD’s payment obligations. The appellate court noted that “it is not clear how a factfinder would even spot the alleged false statement in each loan file, let alone evaluate its seriousness and scope.” Without further evidence indicating how defendant’s alleged misrepresentations caused subsequent defaults, the plaintiff’s claims could not survive summary judgment.
However, the 7th Circuit disagreed with the district court’s reasoning with respect to materiality under the FCA. Although the district court held that plaintiff had failed to establish materiality, the appellate court determined that because HUD’s regulations “provide some guidance, in HUD’s own voice, about the false certifications that improperly induce the issuance of federal insurance, and those are precisely the false certifications present here” there was enough evidence to “clear the summary judgment hurdle” on this issue.