InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB announces consent order against leasing company
On September 11, the CFPB issued a consent order against an Ohio-based nonbank consumer finance company (respondent), for deceptive practices related to consumer leasing agreements. The CFPB, along with 41 states and the District of Columbia, addressed respondent’s conduct in a parallel multi-state settlement. According to the consent order, respondent, operating through major retailers, allegedly concealed contract terms and costs from consumers, leading them to unknowingly enter into costly leasing agreements. The Bureau claims that deceptive practices left consumers unable to return products and burdened with unexpectedly high payments, violating the CFPA and Regulation M, implementing the Consumer Leasing Act.
The consent order states that respondent concealed lease agreement terms, often providing consumers with copies of the agreements after transactions or relying on verbal descriptions from store employees. Consumers were also allegedly trapped by unreasonable return practices, as respondent did not accept returns for many items, forcing consumers to pay excessively high prices. Additionally, the CFPB claimed respondent failed to provide legally required disclosures, leading to revenues of approximately $192 million from around 325,000 consumers.
As a result of the consent order, respondent is permanently prohibited from offering consumer leases and is required to close all outstanding consumer accounts. Consumers will be allowed to keep leased merchandise without further payment, amounting to approximately $33.6 million in released payments. Respondent must also pay a $2 million penalty, with $1 million going to the CFPB's victims’ relief fund and the remaining $1 million allocated to the participating states.
The CFPB's director, Rohit Chopra, emphasized the significance of the order, stating that it permanently bans respondent from engaging in such agreements. The alleged deceptive practices, which occurred from January 1, 2015 to the present, and allegedly affected over 1.8 million consumers who entered into financial agreements with the company covering a wide range of items, from auto parts to furniture and jewelry. Respondent neither admitted nor denied the CFPB’s claims.
Biden announces nomination for FDIC Inspector General
On September 15, President Joe Biden announced his intention to nominate Jennifer L. Fain as Inspector General of the FDIC. Fain brings over 22 years of experience in the inspector general community, most recently serving as Deputy Inspector General for the Export-Import Bank of the United States (EXIM). She has extensive oversight experience in financial services and consumer protection and has held leadership positions in various audit, inspection, and evaluation offices within federal agencies. Fain holds an M.S. in Finance from Johns Hopkins University and a B.S.B.A. in Accounting from the University of Colorado.
Chopra shares prepared remarks about the lessons from 2008
In his recent address at the Better Markets Conference and his address at the Mortgage Collaborative National Conference, CFPB Director Rohit Chopra reflected on lessons from the 2008 financial crisis, discussing the regulatory failures exemplified by mortgage entities’ risky practices and emphasized the post-crisis reforms, including the creation of the CFPB. Chopra highlighted the CFPB's role in implementing crucial mortgage industry standards and its positive impact on borrower protections. He also mentioned the challenges facing the mortgage market today and the legal battles over CFPB rules, touching upon an upcoming Supreme Court case challenging the CFPB's constitutionality and its potential consequences for financial stability, underlining the importance of regulatory rules for financial markets and household finances. Chopra highlighted the CFPB's role in implementing standards for ensuring borrowers' ability to repay through the qualified mortgage and ability-to-repay rule, which granted legal immunity to compliant lenders. As a result of the financial crisis, Congress set requirements related to mortgage data, mortgage servicing, and mortgage lender compensation. Much of the authority that had been held by the OCC, the Fed, and the Office of Thrift Supervision were transferred to the nascent CFPB. In his remarks, Chopra also outlined areas where further action is needed, including open banking, financial data rights, bank mergers, the effectiveness of "living wills" for large financial firms, and the regulation of shadow banks.
CFPB contests Kentucky banks' motion to block enforcement of Small Business Lending Rule
On September 5, the CFPB filed an opposition to a motion for a preliminary injunction made by a group of Kentucky banks (plaintiff banks) in the U.S. District Court for the Eastern District of Kentucky. As previously covered by InfoBytes, the plaintiff banks filed their motion for a preliminary injunction seeking an order to enjoin the CFPB from enforcing the Small Business Lending Rule against them for the same reasons that a Texas district court enjoined enforcement of the rule (Texas decision covered by InfoBytes here). The CFPB argues that the plaintiff banks have not satisfied any of the factors necessary for preliminary relief, including that they have not shown that their claim is likely to succeed on the merits, and they have not shown that they face imminent irreparable harm. The Bureau also argues that the plaintiff banks are factually wrong in asserting that the Rule would require lenders to compile “‘scores of additional data points’ about their small business loans,” and that the additional data requirements are consistent with the Bureau’s statutory authority to require such additional data if it assists in “‘fulfilling the purposes of [the statute].’” The CFPB argues, among other things, that the “outlier ruling of the 5th Circuit” in the Texas case does not demonstrate that the plaintiff banks are entitled to the relief they seek.
Fed announces enforcement action against Kansas bank for operational deficiencies
On September 5, the Fed announced a cease and desist order (the “order”) against a Kansas bank holding company and its subsidiary bank (collectively, the “bank”) for having significant operational deficiencies, including deficiencies related to staffing, internal controls, credit risk management, lending and credit administration, capital, information technology and information security, books and records, regulatory reporting, liquidity and funds management, earnings, interest rate risk management, third-party risk management, and other deficiencies such as compliance with federal laws related to AML/BSA requirements.
The order directs the bank to, among other things, (i) strengthen board oversight; (ii) engage a third party to conduct an assessment of the bank’s corporate governance and staffing; (iii) improve lending and credit administration policies and procedures; (iv) correct the identified information technology and information security deficiencies; (v) revise its allowance for credit losses methodology to comply with supervisory guidance; (vi) enhance interest rate risk management practices; (vii) improve internal controls; (viii) submit a written plan to maintain sufficient capital; (ix) enhance liquidity risk management; and (x) improve the bank’s earnings and overall condition. The order also directs the Bank to improve its BSA/AML compliance program and internal audit program, and to take all necessary steps to correct all violations of law or regulation and to ensure future compliance.
FDIC announces launch of new examination portal
On September 5, the FDIC announced the launch of a new Banker Engagement Site (“BES”) through FDICconnect. The BES will provide a secure and efficient electronic portal through which financial institutions may exchange documents, information and communications for consumer compliance and Community Reinvestment Act examinations. BES will not be used for other FDIC examinations, including safety and soundness examinations. The announcement notes that the FDIC’s existing tool to exchange examination information, the Enterprise File Exchange, will continue to be used when the pre-planning for consumer compliance and CRA activity initiated prior to the availability of BES and also may be utilized in some additional circumstances.
Federal and state financial regulatory agencies issue joint statement on the effects of Hurricane Idalia on supervisory practices
On September 1, the FDIC, Fed, NCUA, OCC and CSBS issued a joint statement recognizing the serious impact of Hurricane Idalia on the customers and operations of many financial institutions in the effected area.
The guidance discusses the following aspects of financial institution operations:
- Lending: The agencies encourage financial institutions to work constructively with borrowers in affected communities, including prudent efforts to adjust existing loan terms, and declares that the agencies will not subject such efforts to examiner criticism. “The agencies recognize that efforts to work with borrowers in communities under stress can be consistent with safe-and-sound practices as well as in the public interest.”
- Temporary Facilities: The agencies understand that many financial institutions face staffing, power, telecommunications, and other challenges in re-opening facilities and will expedite, as appropriate, any request to operate in temporary facilities.
- Publishing Requirements: The agencies understand that the damage that the hurricane caused may affect compliance with publishing and other requirements for branch closings, relocations, and temporary facilities. Impacted institutions should contact their primary federal and/or state regulator.
- Regulatory Reporting Requirements: Impacted institutions that expect to encounter difficulty meeting the agencies' reporting requirements should contact their primary federal and/or state regulator to discuss their situation.
- Community Reinvestment Act: Financial institutions may receive CRA consideration for community development loans, investments or services that revitalize or stabilize federally designated disaster areas.
- Investments: The agencies encourage financial institutions to monitor municipal securities and loans affected by the hurricane, including those related to local government projects.
CFPB posts guidance on RESPA
On September 1, the CFPB posted guidance to its website that affirms guidance on the Real Estate Settlement Procedures Act (RESPA) that the Department of Housing and Urban Development previously issued. In 2011, the Dodd-Frank Act transferred responsibility for RESPA from HUD to the CFPB. At the time, the Bureau stated that it would apply “the official commentary, guidance, and policy statements” that HUD had issued on RESPA “pending further CFPB action” and would give “due consideration” to other (i.e., informal) guidance and interpretations. Although the Bureau has issued certain consent orders and other statements that may cast doubt on whether it interprets RESPA in the same manner that HUD did, in the most recent posting, the Bureau confirms that the list of documents posted by the Bureau generally “continue to be applied today by the CFPB.”
CFPB reaches $2.6 billion settlement with credit repair telemarketers
On August 28, the CFPB announced a proposed settlement with Utah-based credit repair telemarketers and various affiliates (collectively, "defendants") for allegedly committing deceptive acts and practices in violation of the Telemarketing Sales Rule (TSR) and the Consumer Financial Protection Act (CFPA) by collecting illegal advance fees. As previously covered by InfoBytes, in its initial lawsuit the CFPB alleged the defendants requested and received payment of “prohibited” upfront fees for telemarketed credit repair services when they signed up. In June, a district court ruling put a hold on the Bureau’s initial attempt to impose the settlement because of “outstanding issues of fact” which precluded it from entering the agency’s requested relief at that time (covered by InfoBytes here). The Bureau and defendants have now agreed to a new settlement which will, among other things, (i) impose over $2.7 billion in redress (understanding that the principal corporate defendant is in Chapter 11 bankruptcy proceedings); (ii) impose over $64 million in civil money penalties; (iii) ban defendants from telemarketing and from doing business with certain marketing affiliates for ten years; and (iv) require defendants to send a notice of the settlement to “any remaining enrolled customers who were previously signed up through telemarketing.”
The proposed settlement is subject to final approval by the court.
DOJ announces international malware action, recovers $8.6 million in illicit profits
On August 29, the DOJ announced a multinational operation involving the U.S., France, Germany, the Netherlands, the UK, Romania, and Latvia to “disrupt” a malware’s infrastructure called Qakbot. Attorney General Merrick B. Garland stated that, “[t]ogether with our international partners, the Justice Department has hacked Qakbot’s infrastructure, launched an aggressive campaign to uninstall the malware from victim computers in the United States and around the world, and seized $8.6 million in extorted funds. ” The main method by which the Qakbot malware spreads to target computers is via spam emails that contain harmful attachments or links. Upon successfully infecting a target computer, the DOJ mentioned that Qakbot gains the capability to introduce other types of malware, such as ransomware. Over the past few years, many ransomware collectives have used Qakbot as an initial avenue for initiating infections and has caused hundreds of millions of dollars in damages. The DOJ highlighted that “[t]he action represents the largest U.S.-led financial and technical disruption of a botnet infrastructure leveraged by cybercriminals to commit ransomware, financial fraud, and other cyber-enabled criminal activity.”