InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FTC bans MCA providers, returns $2.7 million to consumers
On June 6, the FTC obtained a stipulated court order permanently banning a company and owner from participating in the merchant cash advance and debt collection industries. As previously covered by InfoBytes, last June the FTC filed an amended complaint against two New York-based small-business financing companies and a related entity and individuals (including the settling defendants), claiming the defendants engaged in deceptive and unfair practices by, among other things, misrepresenting the terms of their merchant cash advances, using unfair collection practices, deceiving consumers about personal guarantees, forcing consumers and businesses to sign confessions of judgment, providing less funding than promised due to undisclosed fees, and making unauthorized withdrawals from consumers’ accounts. Under the terms of the stipulated order, the settling defendants are required to pay a more than $2.7 million monetary judgment to go towards refunds for harmed consumers and must vacate any judgments against former customers and release any liens against their customers’ property. The announcement notes that the settling defendants are also “prohibited from misleading consumers about any key facts about any good or service, including any fees, the total cost of the product, and other facts that reflect their deceptions in this case.”
Earlier in January, a stipulated order was entered against two other defendants (covered by InfoBytes here), which permanently banned them from participating in the merchant cash advance and debt collection industries and required the payment of a $675,000 monetary judgment.
District Court enters consent order in 2016 CFPB structured settlement action
On May 18, the U.S. District Court for the District of Maryland approved a consent order against defendants in an action concerning allegedly unfair, abusive, and deceptive structured settlement practices. As previously covered by InfoBytes, in 2016 the Bureau initiated an enforcement action against the defendants alleging that they violated the CFPA by employing abusive practices when purchasing structured settlements from consumers in exchange for lump-sum payments. According to the Bureau, the defendants encouraged consumers to take advances on their structured settlements and falsely represented that the consumers were obligated to complete the structured settlement sale, “even if they [later] realized it was not in their best interest.” In July 2021, the court denied the defendants’ motions to dismiss the Bureau’s amended complaint, which argued that the enforcement action was barred by the U.S. Supreme Court’s decision in Seila Law LLC v. CFPB, which held that the director’s for-cause removal provision was unconstitutional (covered by a Buckley Special Alert). The defendants had also argued that that the ratification of the enforcement action “came too late” because the statute of limitations on the CFPA claims had already expired (covered by InfoBytes here). Under the terms of the May 18 consent order, the individual defendant, who “had an ownership interest in [the company] and served in executive positions at [the defendants] from their inception to their dissolution" is prohibited from, among other things, participating or assisting others in participating in transfer of payment streams from structured-settlement holders and referring consumers to a specific individual or for-profit entity for advice concerning any structured-settlement transaction, including for independent professional advice. The individual defendant must also pay a $5,000 civil money penalty.
CFPB exposes private loan servicers’ unfair practices
On May 5, the CFPB discussed examination findings related to private student loan servicers’ alleged failure to follow through with promised loan offers or modifications. The Bureau directed servicers found to have breached their commitments to make “significant remediation amounts” for failing to make promised payments to customers. The Bureau found some servicers offered financial incentives to recruit new customers, but then failed to make the promised payments. In certain instances, servicers’ systems failed to identify customers who earned incentives, and in others, payments were denied based on terms that were not included in the original deal, the Bureau claimed. The Bureau also found that while many servicers offered payment relief options to pause or reduce payments to customers impacted by the Covid-19 pandemic, at least one servicer failed to deliver promised refunds to customers who modified their agreements to allow them to backdate forbearance after making a payment. The Bureau documented two examples of servicers committing unfair acts or practices in this space in its recent spring Supervisory Highlights (covered by InfoBytes here) and warned servicers that it is “closely monitoring” companies that break the law.
CFPB fines bank $10 million over garnishment practices
On May 4, the CFPB announced a consent order against a national bank for allegedly engaging in unfair and deceptive acts or practices in violation of the CFPA by processing out-of-state garnishment orders against its customers’ bank accounts. According to the consent order, since August 2011, the respondent allegedly garnished approximately 3,700 out-of-state accounts. Customers whose accounts were garnished paid at least $592,000 in garnishment fees, the CFPB contended. The respondent allegedly, among other things, misrepresented to customers that their rights to have certain funds exempted from garnishment were governed by the law of the issuing court’s state when, actually, in most states, customers’ own state laws applied. The respondent also allegedly unfairly required customers to “direct” it not to contest garnishment orders and to waive the bank’s liability for its actions regarding the out-of-state garnishment orders, which prevented customers from pursuing legal claims against the respondent for improperly handling garnishment notices. Additionally, the respondent allegedly deceptively represented to customers that since they signed a deposit agreement that included broad language directing respondent not to contest the legal process, customers waived their right to hold the respondent liable for improperly responding to garnishment notices. Under the terms of the consent order, the respondent must, among other things: (i) refund $592,000 in garnishment-related fees to harmed customers; (ii) establish a compliance plan designed to ensure that its garnishment-related conduct pertaining to out-of-state garnishment notices and state exemptions complies with all applicable federal consumer financial laws; (iii) cease communicating to customers that they have purportedly waived any rights regarding garnishment notices as a result of entering into respondent’s deposit agreement; and (iv) pay a $10 million civil penalty to the Bureau.
FTC order targets credit reporter for UDAP violation
On April 7, the FTC finalized an order against a respondent business credit report provider to settle allegations that the respondent engaged in deceptive and unfair practices by failing to provide businesses with a clear, consistent, and reliable process to fix errors in their credit reports, even though the respondent was selling products to those businesses that purported to help the businesses improve their reports. The FTC’s administrative complaint also claimed that the respondent’s telemarketers deceptively pitched another service to businesses and falsely claimed that the businesses had to purchase the service in order for the respondent to complete the business’s credit profile. In addition, the respondent allegedly failed to disclose to businesses that the service’s subscription automatically renewed each year and that other renewal practices could lead to increasing costs (covered by InfoBytes here). Under the terms of the final order, the respondent is required to make substantial changes to its processes and provide refunds to harmed businesses. Measures include (i) deleting disputed information free of charge or conducting a reasonable reinvestigation to determine the accuracy of disputed information in a report of a business; (ii) complying with specific time periods within which to promptly investigate and correct errors; (iii) informing businesses of investigation results and providing businesses with free access to the revised information; (iv) making clear disclosures to businesses about the rate at which the firm accepts subscribers’ requests to add payment history information, as well as its limits for providing assistance in adding such information; (v) allowing current subscribers to cancel their services and obtain refunds; and (vi) placing restrictions on the respondent’s ability to automatically renew subscriptions or switch subscribers into a more expensive product.
CFPB’s UDAAP claims to proceed against mortgage lender
On March 31, the U.S. District Court for the District of Columbia mostly denied motions to dismiss filed by a mortgage lender and four executives (collectively, “defendants”) sued by the CFPB for allegedly engaging in unlawful mortgage lending practices. As previously covered by InfoBytes, the Bureau filed a complaint last year against the defendants alleging violations of several federal laws, including TILA and the CFPA. According to the Bureau, (i) unlicensed employees allegedly offered and negotiated mortgage terms; (ii) company policy regularly required consumers to submit documents for verification before receiving a loan estimate; (iii) employees denied consumers credit without issuing an adverse action notice; and (iv) defendants regularly made misrepresentations about, among other things, the availability and cost savings of FHA streamlined refinance loans.
The mortgage lender had argued in its motion to dismiss that neither TILA nor the Secure and Fair Enforcement for Mortgage Licensing Act (SAFE Act) required the lender to ensure that its individual employees were licensed under state law. In denying the motions to dismiss, the court disagreed with the lender’s position stating that in order for a mortgage originator to comply with TILA, it must also comply with Bureau requirements set out in Regulation Z, including a requirement that “obligates loan originator organizations to ensure that individual loan originators working for them are licensed or registered as required by state and federal laws.”
The court also concluded that the individual defendants must face claims for allegedly engaging in unfair or deceptive practices. The Bureau contended that the company’s chief compliance officer had warned the individual defendants that certain unlicensed employees were engaging in activities requiring licensure, and that the company’s owners approved the business model that permitted the underlying practices. According to the court, an individual “engages” in a UDAAP violation if the individual “participated directly in the practices or acts or had authority to control them” and “‘had or should have had knowledge or awareness’ of the misconduct.” The court rejected defendants’ arguments that it was improper to adopt this standard, and stated that “the fact that a separate theory of liability exists for substantially assisting a corporate defendant’s UDAAP violations has no bearing on how courts evaluate whether an individual defendant himself engaged in a UDAAP violation.”
While the court allowed the count to continue to the extent that it was based on allegations of unlicensed employees performing duties that would require licensure, it found that the complaint did not support an inference that the individual defendants knew that the employees were engaging in activities to make it appear that they were licensed. The court provided the Bureau an opportunity to replead the count to provide a stronger basis for such an inference.
Special Alert: CFPB revises UDAAP manual to include discriminatory practices
On March 16, the Consumer Financial Protection Bureau announced significant revisions to its Unfair, Deceptive, or Abusive Acts or Practices exam manual, in particular highlighting the CFPB’s view that its broad authority under UDAAP allows it to address discriminatory conduct in the offering of any financial product or service. Congress has enacted several statutes that outlaw discrimination on specified prohibited bases, including the Equal Credit Opportunity Act (ECOA), which generally makes it unlawful to discriminate on a prohibited basis when extending credit and which the CFPB is authorized to enforce. With this announcement, the Bureau made clear its view that any type of discrimination in connection with a consumer financial product or service could be an “unfair” practice — and therefore the CFPB can bring discrimination claims related to non-credit financial products (and other agencies that have UDAP authority may follow in the CFPB’s lead).
FTC settles action against e-commerce platform for data breach cover up
On March 15, the FTC announced a proposed settlement with two limited liability companies, the former and current owners, of an online customized merchandise platform (collectively, “respondents”) for allegedly failing to secure consumers’ sensitive personal data and covering up a major breach. According to the complaint, the respondents allegedly violated the FTC Act by, among other things, misrepresenting that they implemented reasonable measures to protect the personal information (PI) of customers against unauthorized access and for misrepresenting that appropriate steps to secure consumer account information following security breaches were taken. The complaint further alleged that respondents failed to apply readily available protections against well-known threats and adequately respond to security incidents, which resulted in the respondents' network being breached multiple times. Notably, one of the breaches involved a hacker gaining access to “millions of email addresses and passwords with weak encryption; millions of unencrypted names, physical addresses, and security questions and answers; more than 180,000 unencrypted Social Security numbers; and tens of thousands of partial payment card numbers and expiration dates.” The complaint goes on to allege that the online customized merchandise platform failed to properly investigate the breach for several months despite additional warnings, including failing to promptly notify its customers of the breach. Under the terms of the proposed settlement, the respondents are: (i) ordered to pay $500,000 in redress to victims of the data breaches: (ii) prohibited from making misrepresentations about their privacy and security measures, among other things, and (iii) required to have a third party assess their information security programs and provide the Commission with a redacted copy of that assessment suitable for public disclosure.
FTC bans auto marketer over deceptive mailings
On January 28, the FTC announced that it had banned a marketing services company and its owner from the auto industry for allegedly misleading consumers that their websites were affiliated with a government stimulus program and sending consumers deceptive mailings regarding prizes they had supposedly won. According to the opinion, the respondents violated the FTC Act by utilizing deceptive and unfair practices such as sending misleading mailings to persuade consumers to visit auto sales sites by suggesting that these sites were affiliated with a government Covid-19 stimulus program when in fact the sales were not part of any such program. The respondents also allegedly quoted monthly payments to purchase vehicles on credit, but did not provide key financing terms required by law that consumers need to determine the true cost of the advertised loans. Additionally, the respondents allegedly sent direct mail advertisements that deceptively indicated that consumers had won specific, valuable prizes that could be collected upon visiting the car dealership. The FTC noted that the respondents conducted such mailings, despite entering into three prior consent orders with state authorities identifying the ads as deceptive. According to the order, the respondents, are, among other things, banned from advertising, selling, or leasing automobiles for 20 years, and are prohibited from misrepresenting any material fact while marketing any product or service of any kind, as well as from any further violations of TILA’s disclosure requirements.
CFPB bans payment processor for alleged fraud
On January 18, the CFPB filed a proposed stipulated judgment and order to resolve a complaint filed last year against an Illinois-based third-party payment processor and its founder and former CEO (collectively, “defendants”) for allegedly engaging in unfair practices in violation of the CFPA and deceptive telemarketing practices in violation of the Telemarketing Act and its implementing rule, the Telemarketing Sales Rule. As previously covered by InfoBytes, the CFPB alleged that the defendants knowingly processed remotely created check (RCC) payments totaling millions of dollars for over 100 merchant-clients claiming to offer technical-support services and products, but that actually deceived consumers—mostly older Americans—into purchasing expensive and unnecessary antivirus software or services. The tech-support clients allegedly used telemarketing to sell their products and services and received payment through RCCs, the Bureau claimed, stating that the defendants continued to process the clients’ RCC payments despite being “aware of nearly a thousand consumer complaints” about the tech-support clients. According to the Bureau, roughly 25 percent of the complaints specifically alleged that the transactions were fraudulent or unauthorized.
If approved by the court, the defendants would be required to pay a $500,000 civil penalty, and would be permanently banned from participating in or assisting others engaging in payment processing, consumer lending, deposit-taking, debt collection, telemarketing, and financial-advisory services. The proposed order also imposes $54 million in redress (representing the total amount of payments processed by the defendants that have not yet been refunded). However, full payment of this amount is suspended due to the defendants’ inability to pay.