InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB to issue $95 million in redress to victims of student loan debt relief operation
On December 13, the CFPB announced that it will distribute more than $95 million in redress to over 87,000 consumers harmed by a student loan debt relief operation. As previously covered by InfoBytes, the CFPB, along with the Minnesota and North Carolina attorneys general, and the Los Angeles City Attorney (together, the “states”), announced an action against the defendants for allegedly deceiving thousands of student loan borrowers and charging more than $71 million in unlawful advance fees. In the complaint filed October 21, 2019, and unsealed on October 29, 2019 in the U.S. District Court for the Central District of California, the Bureau and the states alleged that since at least 2015, the defendants have violated the CFPA, the TSR, and various state laws by charging and collecting improper advance fees from student loan borrowers prior to providing assistance and receiving payments on the adjusted loans. The CFPB also claimed that the defendants automatically put loans in forbearance and submitted false information to loan servicers to qualify customers for lower monthly payments.
NYDFS's Harris to serve as the state banking representative on the FSOC
On December 13, the Conference of State Bank Supervisors (CSBS) announced that NYDFS Superintendent Adrienne A. Harris will serve as the state banking representative on the Financial Stability Oversight Council (FSOC). According to the announcement, in 2013, Superintendent Harris joined the Obama Administration as a Senior Advisor in the U.S. Department of Treasury prior to being appointed as the Special Assistant to the President for Economic Policy. In this role, she managed the financial services portfolio, focusing on the implementation of Dodd-Frank, and developed strategies for financial reform, consumer protections, cybersecurity and housing finance reform. According to James M. Cooper, president and CEO of CSBS, Harris’s “background and experience at both the federal and state level will be an asset for the council as it manages emerging risk during a time of economic uncertainty.”
Collection firm to pay $100,000 for operating without a license
On December 1, the Connecticut Department of Banking (Department) fined a collection law firm $100,000 and ordered it to cease and desist from collection activity for operating without a valid license. According to the order, in August, the Department issued a temporary order to cease and desist, a notice of intent to issue order to cease and desist, a notice of intent to impose a civil penalty, and a notice of a right to a hearing, which provided the firm 14 days to respond to request a hearing. Furthermore, the firm was warned that if a request for hearing was not made, a cease and desist order would likely be forthcoming. During its investigation, the state discovered that in 2019, the firm was conducting unlicensed collection agency activity for about 10,000 Connecticut accounts with a total balance of about $1.4 million. The firm allegedly collected approximately $81,000 of that amount. In late 2019, the state sent the firm a certified letter regarding its collection activity and asked for a response, which was never provided. In the August order, the firm was asked to supply the state with a list of all the creditors with whom the firm has entered into agreements for consumer collection services since July 2018, including copies of all the agreements with those creditors, and an itemized list of each Connecticut debtor account that the firm had attempted collections on for the same time period.
DFPI issues reminder to debt collection licensing applicants
Recently, the California Department of Financial Protection and Innovation (DFPI) issued a reminder that starting January 1, 2023, the agency will begin approving applications under the Debt Collection Licensing Act. As previously covered by InfoBytes, the California governor signed AB 156 in September to allow any debt collector that submits an application to the DFPI commissioner by January 1, 2023, to operate pending the approval or denial of the application. DFPI reminded applicants that background checks will be performed at a later date. The period for individuals to provide fingerprints upon request from DFPI is extended from 60 to 90 days. Written notification will be sent to applicants through the Nationwide Multi-State Licensing System 90 days prior to fingerprinting being due. Additionally, DFPI stated that due to the delay in the application process, final approvals may be delayed. Further announcements will be issued in the coming weeks concerning conditional approvals, DFPI said, noting that it will provide at least 30 days' notice before implementing any changes to existing processes.
District Court stays action against remittance provider while Supreme Court weighs CFPB’s funding structure
On December 9, the U.S. District Court for the Southern District of New York stayed an action brought by the CFPB and the New York attorney general against a defendant remittance provider until after the U.S. Supreme Court decides if it will review whether the U.S. Court of Appeals for the Fifth Circuit erred in holding that the Bureau’s funding structure violates the Appropriations Clause of the Constitution. Last month the DOJ, on behalf of the CFPB, submitted a petition for a writ of certiorari seeking Supreme Court review of the 5th Circuit’s decision during its current term. (Covered by InfoBytes here.) The New York AG and the Bureau sued the defendant in April for allegedly violating the EFTA and its implementing Regulation E, the Remittance Rule, and the Consumer Financial Protection Act (CFPA), among various consumer financial protection laws, in its handling of remittance transfers. (Covered by InfoBytes here.)
The defendant argued that the district court should hold off on deciding on its motion to dismiss per the aforementioned argument, but should nonetheless rule on its pending motion to transfer. The Bureau opposed the defendant’s request for a stay, countering “that a stay would not promote efficiency” since the issue of the Bureau’s standing would not affect the claims brought in the current action. The Bureau further asserted “that the public and the parties’ interest weighs against a stay, as it would hinder Plaintiffs’ enforcement of the consumer protection laws and make obtaining evidence down the line more difficult.”
The district court disagreed, stating that the Supreme Court may address the broader issue of the Bureau’s standing to bring enforcement actions in its decision, and that, regardless, the agency’s claims in the current action “are inextricably linked to CFPB rules and regulations, which themselves may be implicated by a Supreme Court decision should it grant the petition.” The district court stayed the case in its entirety and said that it will wait to decide on both motions until after the Supreme Court decides on the Bureau’s filed petition for a writ of certiorari.
Parties reach agreement to resolve data scraping allegations
On December 8, the U.S. District Court for the Northern District of California issued a consent judgment and permanent injunction against a now-defunct plaintiff data analytics company in an action concerning whether the plaintiff breached a user agreement with a defendant professional networking site by using an automated process to extract user data (a process known as “scraping”) for the purposes of selling its analytics services to businesses. The case was sent back to the district court earlier this year by the U.S. Court of Appeals for the Ninth Circuit (on remand from the U.S. Supreme Court) after the appellate court affirmed the district court’s order preliminarily enjoining the defendant from denying the plaintiff access to publicly available member profiles. (Covered by Infobytes here.)
As previously covered by InfoBytes, last month the district court ruled that the plaintiff breached its user agreement by creating fake accounts and copying url data as part of its scraping process. Nonetheless, at the time, the district court noted that there remained a legitimate dispute over whether the defendant waived its right to enforce the user agreement after the plaintiff openly discussed its business model, including its reliance on scraping, at conferences it organized that were attended by defendant’s executives. The district court further questioned when the defendant became aware of the plaintiff’s scaping, whether it should have taken “steps to legally enforce against known scraping” sooner, and whether the defendant can raise certain defenses to its breach of contract claim tied to the plaintiff’s data scraping and unauthorized use of data.
On December 6, the parties separately reached an agreement to resolve all outstanding claims in the case. The final consent judgment enters a $500,000 judgment against the plaintiff and waives all other monetary relief. Additionally, the plaintiff is permanently enjoined from scraping or accessing the defendant’s platform without express written permission, whether directly or indirectly through a third party or whether logged in to an account or not. The plaintiff is also prohibited from developing, using, selling, or distributing any software or code for data collection from the defendant’s platform. The plaintiff must also delete all software code in its possession that is designed to access the defendant’s platform, must delete all member profile data in its possession (including data stored with a third party), and is barred from “using, distributing, selling, analyzing, or otherwise accessing any data” collected without the defendant’s express permission, whether directly or indirectly through a third party, among other requirements.
CFPB proposes registry of nonbank repeat offenders
On December 12, the CFPB announced a proposed rule seeking to identify repeat financial law offenders by establishing a database of enforcement actions taken against certain nonbank covered entities. Specifically, the Bureau proposes to enhance market monitoring and risk-based supervision efforts by including all final public written orders and judgments (including any consent and stipulated orders and judgments) obtained or issued by any federal, state, or local government agency for violation of certain consumer protection laws related to unfair, deceptive, or abusive acts or practices in the database. Additionally, pursuant to Section 1024(b)(7) of the Consumer Financial Protection Act, the Bureau is also proposing that larger supervised nonbanks be required to submit annual written statements regarding compliance with each underlying order that is signed by an attesting executive with “knowledge of the entity’s relevant systems and procedures for achieving compliance and control over the entity’s compliance efforts.” Excluded from the registry will be insured depository institutions and credit unions, related persons, states, natural persons, and certain other entities.
Explaining that protecting American consumers is a shared effort spanning local, state, and federal authorities, CFPB Director Rohit Chopra stated that currently “readily accessible information is lacking about the identity of orders issued against nonbanks subject either to the CFPB’s market monitoring authority or to its supervisory authority across the various markets for consumer financial products and services.” The creation of a central repository of enforcement actions around the country for use in tracking and mitigating risks posed by repeat offenders and monitoring entities subject to agency and court orders will help the Bureau, the law enforcement community, and the public “limit the harms from repeat offenders,” the Bureau said in its announcement. The Bureau noted that it plans to share the database with other regulators and law enforcement agencies by making the registry public.
Comments on the proposal are due 60 days after publication in the Federal Register. The Bureau said the proposed registry would launch “no earlier than January 2024.”
NYDFS finds racial disparities in mortgage lending
On December 8, NYDFS announced a second report in an ongoing statewide inquiry into redlining and other forms of housing discrimination by mortgage lenders, particularly non-depository lenders. This report focuses on racial disparities in mortgage lending in Long Island, Rochester, and Syracuse, and follows one on Buffalo (covered by InfoBytes here). The report maps lending activity and details individual institutions' lending in majority-minority neighborhoods and to borrowers identifying as members of a minority group.
Analyzing HMDA data, NYDFS’s recent report concluded that: “ In Nassau county, where the population is 41.8 percent non-white, on average, lenders make 35.32 percent of their loans to borrowers identifying as people of color. Among lenders operating in the county, lending to borrowers identifying as people of color ranges from 14.9 percent to 50.22 percent. In Suffolk county, where the population is 33.7 percent non-white, on average, lenders make 22.44 percent of their loans to borrowers identifying as people of color. Among lenders operating in the county, lending to borrowers identifying as people of color ranges from 13.07 percent to 36.85 percent. In the Rochester metro area, where 23.9 percent of the population is non-white, on average lenders make 11.32 percent of their loans to borrowers identifying as people of color, less than half of what would be expected based solely on population make-up. Similarly in the Syracuse metro area, 18.7 percent of the population is non-white, but on average lenders make 8.67 percent of their loans to borrowers identifying as people of color.”
In the announcement, NYDFS noted that it is currently developing regulations to implement the updated New York Community Reinvestment Act, which expands oversight to non-depository mortgage lenders operating in the state. The insights uncovered through these reports’ investigations will be reflected in these proposed regulations which will be published for public comment in 2023.
FTC, Florida permanently shut down grant funding operation
On December 8, the FTC and the Florida attorney general announced that a Florida-based grant funding company and its owner (collectively, “defendants”) will be permanently banned from offering grant-writing and business consulting services as a result of a lawsuit the regulators brought against the defendants in June. As previously covered by InfoBytes, the complaint alleged that the defendants violated the Consumer Protection Act, the FTC Act, and the Florida Deceptive Unfair Trade Practices Act by deceptively marketing their services to minority-owned small businesses. Among other things, the defendants (i) promised grant funding that did not exist and/or was never awarded; (ii) misled customers about the status of grant awards; and (iii) failed to honor a “money-back guarantee” and suppressed customer complaints. The defendants agreed to the terms of a proposed court order, which would ban them from providing grant-related services and business consulting, and prohibit them from making misrepresentations regarding advertised products or services. Defendants would also be required to turn over certain property to be sold in order to provide refunds to affected businesses. The proposed order also includes a more than $2 million monetary judgment, which is partially suspended due to defendants’ inability to pay.
Appellate court reverses BIPA decision
On November 30, the Illinois Court of Appeal for the Fourth Appellate District reversed and remanded a trial court’s decision to grant a defendant plating company’s motion for summary judgment in a Biometric Information Privacy Act (BIPA) suit. The plaintiff began working for the defendant in 2014. From the beginning of his employment, the plaintiff clocked into his job using a fingerprint, but the defendant did not have a written retention-and-destruction schedule for biometric data until 2018. The plaintiff was subsequently terminated and then filed suit claiming that the defendant violated BIPA by failing to establish a retention-and-destruction schedule for the possession of biometric information until four years after it first possessed the plaintiff’s biometric data. The trial court granted the defendant’s motion for summary judgment, finding that section 15(a) of BIPA established no time limits by which a private entity must establish a retention-and-destruction schedule for biometric data. The plaintiff appealed.
The appellate court reversed the trial court’s order, finding that Section 15(a) specified that a private entity “in possession of” biometric data must develop a written policy laying out its retention and destruction protocols, and the duty to develop a schedule is triggered by possession of the biometric data. The appellate court noted that its decision “is consistent with the statutory scheme, which imposes upon private entities the obligation to establish [BIPA]-compliant procedures to protect employees' and customers' biometric data.” The appellate court went on to note that it “can discern no rational reason for the legislature to have intended that a private entity ‘develop’ a ‘retention schedule and guidelines for permanently destroying’ (id. § 15(a)) biometric data at a different time from that specified in the notice requirement in section 15(b), which itself must inform the subject of the length of time for which the data will be stored (i.e., retained), etc.” The appellate court concluded “that the duty to develop a schedule upon possession of the data necessarily means that the schedule must exist on that date, not afterwards,” and stressed that this is “the only reasonable interpretation” in light of BIPA's “preventive and deterrent purposes.”
Furthermore, the appellate court rejected the defendant’s argument that “the statutory duty is satisfied so long as a schedule exists on the day that the biometric data possessed by a defendant is no longer needed or the parties’ relationship has ended," stating that the statutory language “belies this interpretation.”