InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Online Lenders Alliance Expresses “Strong Opposition” to Proposed Rate Cap Legislation in California and Maryland
In an April 12 letter to California Assembly member Matthew Dababneh (who chairs the state Assembly’s Committee on Banking and Finance), the Online Lenders Alliance (OLA) expressed its “strong opposition” to legislation introduced in California that would impose an interest rate cap for consumer loans or lines of credit in those states. Specifically, the Alliance contended that the legislation (A.B. 1109) would “significantly impact a consumer’s ability to find credit.” The OLA also communicated similar concerns in a letter to Maryland Governor Larry Hogan requesting that he veto cross-filed legislation (SB 527/ HB 1270) passed by the Maryland General Assembly.
Upon Review, NYDFS Requires International Bank to Continue Independent Monitoring
On April 21, the New York Department of Financial Services (NYDFS) announced it had entered into a supplemental consent order with an international bank to modify its 2012 and 2014 consent orders. In 2012, the bank agreed to engage an independent on-site monitor for 24 months to evaluate the New York branch’s BSA/AML and OFAC compliance programs and operations. The bank was also issued a $340 million civil money penalty. The 2014 consent order outlined the monitor’s findings including reports of significant failures in the bank’s transaction monitoring. The 2014 order extended the engagement of the monitor for another two years, outlined remedial measures to address continued deficiencies, and required the bank to pay an additional $300 million civil money penalty.
While NYDFS acknowledged in the 2017 supplemental consent order that the bank has made significant improvements in its BSA/AML compliance program, the engagement of the monitor has been extended until December 31, 2018 with all the other terms and conditions of the 2012 and 2014 consent orders remaining in full effect.
NY AG Schneiderman Releases Guidance on Student Loan Cancellation
On April 21, New York Attorney General Eric T. Schneiderman released guidance for eligible individuals who attended certain programs operated by a group of for-profit post-secondary education California-based colleges. The colleges—which ceased operations in 2015—allegedly made misrepresentations about the employment success of graduates of certain programs and used “false promises of career success to lure students, leaving many with enormous debt and few job prospects.” As a result, students who enrolled in those programs during specified time periods are eligible for the discharge of their federal student loans. It is estimated that up to 3,000 students in New York are eligible for federal loan cancellations based on the findings of an investigation conducted by the U.S. Department of Education (DOE). New York joins 43 other states and the District of Columbia in an outreach effort to assist students in submitting loan cancellation applications. If a student’s application is approved by the DOE, the loan(s) will be cancelled and payments previously made will be refunded.
Maryland and Tennessee Expand Use of Reporting Requirements for Money Services Businesses
As previously covered by InfoBytes, the Nationwide Licensing System (NMLS) for Money Services Businesses (MSBs) recently unveiled the MSB Call Report that standardizes and streamlines routine reporting requirements for state-licensed MSBs. On April 18, Maryland Governor Larry Hogan signed into law HB 182, which requires specified licensees to obtain and maintain a valid unique identifier and transfer licensing information to the NMLS. The law will go into effect July 1, 2017. Among those who must now register with NMLS are check cashers, collection agencies, consumer lenders, debt management service providers, credit service businesses, and sales finance companies. Licenses for mortgage lenders, mortgage originators, and money transmitters are already processed through NMLS. The Commissioner of Financial Regulation is charged with establishing a time period that is “not less 2 months within which a licensee must transfer licensing information to the NMLS.” Furthermore, at least 30 days before the transfer period begins, the Commissioner shall notify all licensees of the transfer period and provide instructions for the transfer of licensing information to NMLS.
On April 12, Tennessee Governor Bill Haslam enacted SB 1202, authorizing Tennessee’s Department of Financial Institutions to license industrial loan and thrift companies, title lenders, and individuals regulated under the Check Cashing Act or the Premium Finance Company Act through a multi-state automated licensing system. The law allows for the sharing of information—subject to specified confidentiality requirements—with state and federal regulatory officials having consumer finance industry oversight authority or finance industry oversight. Licenses for these types of entities will expire on December 31 of each year. The law includes staged effective dates, the first being July 1, 2017.
Arizona Enacts Laws Providing for Legal Recognition of Certain Electronic Signatures and Other Records
Last month, Arizona Governor Doug Ducey signed into law two pieces of legislation (S.B. 1084 and S.B. 1078), which formally grant legal recognition of electronic records and signatures under state law. Specifically, the new laws—each of which were passed unanimously by both houses of the Arizona legislature—formally acknowledge the legality of certain electronic records and signatures for the purpose of “satisfy[ing] any law that requires a record to be in writing or to be retained or both.” S.B. 1084 further details the requirements that must be satisfied when creating, sending, and accepting electronic signatures or records in order to qualify for legal recognition under the new law. As previously reported in InfoBytes, Arizona also recently enacted H.B. 2417, which recognized blockchain signatures and smart contracts under state law.
Nationwide Mortgage Licensing System Unveils New Money Services Businesses Call Report
On April 1, the Nationwide Mortgage Licensing System (NMLS) Money Services Businesses (MSB) unveiled “the first comprehensive report to consolidate state MSB reporting requirements and provide a database of nationwide MSB transaction activity.” It also allows licensees to report directly in NMLS for all states on a quarterly and annual basis. The release of the MSB Call Report culminates “a multi-year effort by state regulators to develop a tool to standardize and streamline routine reporting requirements for state-licensed Money Services Businesses”—including money transmitters, check cashers, and prepaid card issuers. The MSB Call Report contains three sections: (i) “company financial information”; (ii) “information about the licensee’s company and state level transactional activity”; (iii) “company permissible investments information”; (iv) “and transaction destination country information.” According to the MSB Call Report webpage, 18 state agencies will adopt the MSB Call Report for Q1 2017 reporting.
NMLS is the system of record for non-depository, financial services licensing or registration in participating state, territory and local agencies. Although NMLS does not grant or deny license authority, it does—in participating jurisdictions—serve as the official system for companies and individuals seeking to apply for, amend, renew and surrender licenses. NMLS is also the sole system of licensure for mortgage companies and the system of record for the registration of depositories, subsidiaries of depositories, and Mortgage Loan Originators (MLOs) under the CFPB’s Regulation G (S.A.F.E. Mortgage Licensing Act—Federal Registration of Residential Mortgage Loan Originators).
Additional information and a list of the state agencies that have adopted the report as of March 2017 can be accessed through the NMLS Resource Center.
California Department of Business Reaches $1.4 Million Settlement with Michigan-Based Mortgage Lender and Servicer
On April 10, the California Department of Business Oversight (DBO) announced a settlement with a California-licensed mortgage lender and servicer—whose principal place of business is based in Michigan—resolving allegations that the company violated California’s statutory restriction on per diem interest. California law prohibits lenders from “charging interest on mortgage loans prior to the business day that immediately precedes the day the loan proceeds are disbursed.” Pursuant to the consent order, the allegations against the company arose from two regulatory examinations conducted by DBO in 2011 and 2013, whereby the company—in order to avoid an enforcement action—agreed to cooperate fully with DBO’s request for audits, to refund per diem overcharges, and to consent to the issuance of the final order to pay refunds, penalties, and discontinue further violations. The terms of the consent order include $293,127 in refunds previously provided to approximately 3,400 borrowers for loans funded between August 2011 and May 2015, as well as future restitution to additional borrowers identified in required self audits of loans made between from June 2015 through February 2018. The order further requires the company to pay an additional $1.1 million in penalties for identified overcharges, as well as $125 for each additional violation discovered in the self audits.
New Mexico Enacts New Laws Affecting Payday Lenders, Check Cashing Service Providers, and the Enforcement of Service Contracts / Warranties
On April 6, New Mexico enacted H.B. 347, a bill amending the New Mexico Small Loan Act of 1955 (NMSLA) and Bank Installment Loan Act of 1959 (NMILA) to effectively eliminate “payday loans” in the state by requiring that loans of $5,000 or less be made pursuant to the NMSLA or NMILA. Specifically, the new law caps the annual percentage rate of such loans at 175% and requires lenders operating in New Mexico to provide loan terms of at least 120 days, and a minimum repayment schedule of four installments of substantially equal amounts. The new law also limits the fees and charges a lender may assess in connection with loans made under the NMSLA or NMILA as well as the number of times a lender may present a check or other debit for payment. Furthermore, lenders are prohibited from extending loans under the NMSLA or NMILA if the consumer has not repaid any loans previously obtained under these acts, and all lenders must report the terms of these loans to consumer reporting agencies. Notably, these new requirements do not apply to federally insured depository institutions. Moreover, H.B. 347—which takes effect on January 1, 2018—will be enforced exclusively by the state. Counties, municipalities, and other political subdivisions of the state are preempted from any regulation of terms and conditions regarding these loans whether by ordinance, resolution, or otherwise. A violation of either the NMSLA or the NMILA will constitute an unfair or deceptive trade practice under New Mexico’s Unfair Practices Act.
Also on April 6, Governor Susana Martinez signed into law S.B. 220, a bill that amends the Service Contract Regulation Act by adding and amending definitions; providing for surety through insurance policies; and providing specific information to be included into contracts and warranties. Specifically, the amendments—which are scheduled to take effect on June 16—allow providers to obtain a reimbursement insurance policy in lieu of maintaining a deposit with the Superintendent of Insurance.
That same day, Governor Martinez also enacted H.B. 276, a bill that increased from $500 to $2,500 the revenue threshold within a 30-day period that triggers New Mexico’s Uniform Money Services Act licensing requirement for check cashing businesses. H.B. 276 is scheduled to take effect July 1.
New Mexico Enacts Data Breach Notification Act
On April 6, New Mexico Governor Susana Martinez signed into law the Data Breach Notification Act (H.B. 15), making New Mexico the 48th state to pass a data breach notification law. Under the new law—which is scheduled to take effect on June 16—companies are now required to notify any New Mexico residents (and in certain circumstances consumer reporting agencies and the state’s attorney general) following the discovery of a “security breach” involving that resident’s “personal identifying information.” The Act—which unanimously cleared both New Mexico’s House and Senate—also establishes standards for the secure storage and disposal of data containing personal identifying information and provides for civil penalties for violations.
According to the Act, “personal identifying information” consists of an individual’s first name or first initial and last name in combination with any one or more of the following data elements: (i) Social Security number; (ii) driver's license number or government issued identification number; (iii) account number, credit card, or debit card number, in combination with any required security code, access code, or password that would permit access to an individual's financial account; or (iv) biometric data. As with many other states’ breach notice laws, the term “security breach” is defined as “the unauthorized acquisition of unencrypted computerized data, or of encrypted computerized data and the confidential process or key used to decrypt the encrypted computerized data, that compromises the security, confidentiality or integrity of personal identifying information maintained by a person.” However, notice to affected residents is not required if the entity “determines that the security breach does not give rise to a significant risk of identity theft or fraud.” The Act also sets out the required contents of, and methods for providing, notification—which generally must be made no later than 45 days after the breach was discovered—including substitute methods if certain criteria are met. Certain entities, including those subject to GLBA or HIPAA, are exempt from the requirements of the Act.
Notably, the Act does not provide its citizens with a private right of action, but rather charges the state’s attorney general with enforcing the Act through legal actions on behalf of affected individuals. The Act provides for the issuance of injunctive relief and/or damages for actual losses including consequential financial losses. For knowing or reckless violations of the Act, a Court also may impose civil penalties of $25,000, or in the case of a failure to notify, a penalty of $10 per instance up to a maximum penalty of $150,000.
State AGs, Industry Groups Submit Comments Addressing CFPB’s Proposed Delay of Prepaid Accounts Rule
As previously covered in InfoBytes, the Bureau released its final rule (the “Prepaid Accounts Rule”) on prepaid financial products in October of last year in order to provide consumers with additional federal protections under the Electronic Fund Transfer Act and also to offer consumers standard, easy-to-understand information about prepaid accounts. Recently, however, the CFPB announced its intention to delay the effective date of its Prepaid Accounts Rule by six months. If approved, the proposed extension would push back the current October 1, 2017, effective date to April 1, 2018. According to the proposed rule and request for public comment published by the Bureau in the March 15 Federal Register, the extension comes in response to comments received from “some industry participants” who “believe they will have difficulty complying with certain provisions.” The CFPB has taken the position that extending the deadline for compliance “would, among other things, help industry participants address certain packaging-related logistical issues for prepaid accounts that are sold at retail locations.” Comments on the proposal were due April 5.
State AG’s Letter. On April 5, attorneys general from 17 states and the District of Columbia submitted a letter to congressional leaders presenting various arguments against pending House and Senate resolutions (S.J. Res. 19, H.J. Res. 62, and H.J. Res. 73) providing for congressional disapproval and effectively nullifying the CFPB’s Prepaid Accounts Rule. The state attorneys general—including AGs for the District of Columbia, California, Hawaii, Illinois, Iowa, Maine, Maryland, Massachusetts, Minnesota, Mississippi, North Carolina, Oregon, Pennsylvania, Rhode Island, Vermont, Virginia, and Washington, along with the Executive Director of the Hawaii Office of Consumer Protection—argued, among other things, that consumer protections provided by the Rule are important because, among other things, “consumers frequently report concerns about hidden and abusive fees as well as fraudulent transactions that unfairly deplete the funds loaded onto prepaid cards.” The AGs’ letter notes further that prepaid cards are often used by “vulnerable consumers” who have limited or no access to a traditional bank account. Notably, although they characterize these congressional resolutions as a “misplaced effort,” the state AGs acknowledge that the Congressional Review Act “gives Congress, with the President’s signature, a window to veto a rule from going into effect.”
American Bankers Association (ABA) Letter. In another comment letter, submitted on April 3, the ABA commended the CFPB for “proposing to extend the deadline” because, among other things, “some industry participants, especially those offering prepaid cards in retail stores, may have difficulty complying with certain provisions.” The ABA also noted that the extension of time presents an opportunity for the Bureau to “consider making adjustments as appropriate to ensure unnecessary disruption to consumers’ access to, and use of, prepaid accounts.” As explained in the letter, the ABA’s primary concern about the Prepaid Accounts Rule “remains the inconsistency and lack of clarity of the regulation’s distinction between checking accounts and prepaid accounts.” To this end, the ABA recommends that the Bureau use the extra time to “remove inconsistencies in the Rule and clarify the distinction between a prepaid account and a checking account to ensure that banks do not inadvertently violate the regulation and risk significant potential liability and supervisory actions.” The ABA’s letter also calls for “similar changes” to the “definition of ‘payroll account’” in order to further distinguish product types.
Independent Community Bankers of America (ICBA) Letter. Also on April 3, the ICBA also submitted a short comment letter stating, among other things, that it “fully supports extending the effective date” as the additional time will “ensure that systems and technology changes could be made to facilitate compliance.”