InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
New Mexico settles with technology company over COPPA violations
On December 13, the New Mexico attorney general announced a settlement in two federal court cases filed against a multinational technology company both of which resolve allegations against the company under the federal Children’s Online Privacy Protection Act (COPPA) and other state consumer protection laws. According to one complaint, the company allegedly violated COPPA and the New Mexico Unfair Practice Act by collecting the personal information of minors and the mining of student emails in connection with the use of the company’s educational tools. In a separate complaint, among other things, the company’s mobile ad platform permitted a third-party game developer to collect the personal data of minors without “verifiable parental consent.” According to the AG, under the terms of the settlement, the company must, among other things: (i) fund a new initiative to promote education, privacy, and safety for children across New Mexico and work with the AG to identify recipients of these funds; (ii) “provide[] school administrators with tools to protect minor students from improper collection of their personal data, including age-based access settings to ensure that minor children’s data is protected from unauthorized collection and disclosure”; (iii) monitor app developers that mislabel their child-directed apps; and (iv) require apps to implement age screening measures which ensure that these apps do not collect information from children.
States say FHA must require servicers to comply with Covid-19 loss mitigation options
On December 21, a coalition of attorneys general from 20 states and the District of Columbia sent a letter to the FHA urging the agency to address mortgage servicers’ alleged failure to adequately implement Covid-19 recovery loss mitigation options for eligible borrowers. As previously covered by InfoBytes, FHA issued Mortgagee Letter 2021-18 in July, which required mortgage servicers to offer a zero-interest subordinate lien option to eligible homeowners who can resume their existing mortgage payments under the “COVID-19 Recovery Standalone Partial Claim” option. For borrowers that are unable to resume their monthly mortgage payments, FHA established the “COVID-19 Recovery Modification” option, which extended the term of a mortgage to 360 months at market rate and targeted a 25 percent principal and interest reduction for all eligible borrowers. At the time, FHA informed servicers that they could start offering the options as soon as operationally feasible but were required to use the new options within 90 days.
The AGs alleged in their letter that several servicers of FHA-insured loans are reportedly failing to adequately implement these Covid-19 relief programs, and are instead “routinely sending borrowers letters that fail to include the Covid-19 Recovery Modification as an available option, are requiring paperwork and imposing qualifications that are not necessary under the FHA’s guidelines, and are instructing borrowers during customer-service phone calls that this option does not exist.” The AGs expressed deep concerns over these reports and requested that FHA take immediate action to ensure that FHA’s loss mitigation options, including the Covid-19 Recovery Modification, are fully implemented, and that borrowers receive accurate, up-to-date information. The AGs asked that FHA-approved lenders and servicers be required to demonstrate that they are taking affirmative actions to implement these Covid-19 relief options and requested training for all customer service staff to ensure borrowers receive the necessary information.
New York AG warns mortgage servicers of obligation to help homeowners affected by Covid-19
On December 13, New York Attorney General Letitia James sent a letter warning mortgage servicers operating in the state of their obligation to help homeowners impacted by the Covid-19 pandemic. The letter, which was also sent to mortgage industry trade associations, reiterated that mortgage servicers are expected to comply with New York law and federal regulations and guidelines when providing long-term relief to affected homeowners. James also announced “that the Office of the Attorney General’s (OAG) Mortgage Enforcement Unit (MEU) will be helping to oversee the distribution of New York state’s Homeowner Assistance Fund (HAF) announced last week by New York Governor Kathy Hochul.” According to the letter, HAF funds “may be used to pay off arrears or reduce mortgage principal so that homeowners can qualify for an affordable loan modification.” However, James stressed that these funds “must supplement rather than replace the mortgage industry’s own efforts,” adding that mortgage servicers must “play their part by offering homeowners all available loss mitigation options before that homeowner seeks an outside HAF grant, in order to help the program save as many homes as possible.” MEU will contact the mortgage industry, including New York legal services and housing counseling agencies, to provide additional information on the HAF application process. MEU will also be responsible for reviewing HAF applications to determine whether homeowners have been presented all available and affordable loan modification options.
James’ announcement stated that mortgages servicers are also expected to comply with streamlined modification programs offered by various federal agencies, Fannie Mae, and Freddie Mac, and must also “provide comparable relief (pursuant to New York state Banking Law § 9-x and New York’s mortgage servicing regulations) to homeowners whose mortgages are owned by private investors through private label securities or by banks in their own portfolios.” Mortgage servicers should also prepare for surges in requests for assistance, and will be held responsible for staffing shortages and poor customer communications, James warned. She noted in her letter that the OAG is “currently investigating whether certain servicers of privately-owned mortgages have failed to offer homeowners the forbearance relief and post-forbearance modifications required by New York Banking Law § 9-x,” and emphasized that the OAG “will continue to monitor compliance and initiate enforcement actions against individual mortgage servicers as needed to protect New York homeowners.”
California sentences student loan debt relief scammers
On December 6, the California attorney general announced the sentencing of four individuals involved in a student loan assistance scam and related computer crimes. According to the AG, the individuals’ now-defunct company presented “itself as a legitimate source of help and feigned association with the U.S. Department of Education (ED) in order to gain the trust of distressed student loan borrowers and access their personal information.” Company employees “were directed to access and disrupt student loan borrower account data, as well as create new student borrower accounts while posing as the borrowers,” which violated the state’s computer crime laws the AG stated. Borrowers were convinced to pay fees of up to $1,300 in monthly payments in order to participate in the company’s loan payment reduction programs, which offered loan deferment and income-driven repayment. However, many of the borrowers were unaware that these payment reduction programs were already offered free of charge by the Department of Education. Moreover, borrowers did not know that their monthly payments were not a subscription service or applied towards their federal student loans, but were rather payments on a high interest loan. The AG contended that borrowers were purportedly required to continue making these payments even if they attempted to cancel the company’s services, and that “to facilitate the scam, the defendants used the Federal Student Aid website to illegally access student borrower records housed in computer systems belonging to ED.” In additional to their sentences of up to 180 days in prison, community service and probation, the individuals were ordered to pay restitution to harmed borrowers.
Chopra wants states to enforce federal consumer protection laws
On December 7, in a speech before the National Association of Attorneys General (NAAG) meeting, CFPB Director Rohit Chopra discussed the importance state partnerships play in enforcing consumer financial protection laws. In addressing the dangers of federal preemption over state consumer protection measures, Chopra highlighted data covering the 2007-2009 mortgage crisis, in which a 2010 study from the University of North Carolina claimed that “the OCC’s 2004 preemption in markets directly contributed to the sub-prime mortgage crises” and “resulted in deterioration in the quality of, and increase in the default risk for, mortgages originated by OCC lenders in states with strong anti-predatory lending laws.” Chopra warned that while Congress has limited the OCC’s ability to impact state consumer protection enforcement, actions that attempt to preempt stronger state consumer protection laws are “fundamentally wrong.”
To combat this, Chopra said he is considering changes that would expand state attorney general authority to enforce many federal consumer protection laws, including the Consumer Financial Protection Act (CFPA), which prohibits unfair, deceptive, and abusive practices, particularly in situations where “federal protections are stronger than state statutes.” These changes would allow states to pursue action, provided notice is given to the Bureau before filing a complaint. Chopra said he is also exploring ways to provide states more access to remedies available under the CFPA, such as civil money penalties that states could “use to bolster deterrence” in addition to access of the Bureau’s victim relief fund to provide compensation to affected consumers in state enforcement actions (the fund is currently only available in actions involving the Bureau). In the meantime, Chopra stated the Bureau is reviewing notifications from states so the agency can join actions as appropriate.
Chopra also repeated his warning about reining in repeat offenders and reiterated the need for “exploring all possible remedies,” including those directed at senior management and executive levels, to address recidivism and reshape behavior and incentives. Chopra cautioned that companies cannot be allowed “to weave in and out of state and federal regulatory oversight” and that the Bureau and the states need to “look after one another’s orders.” He stated that the Bureau intends to alert states when it “find[s] their orders are being flouted.”
Nebraska creates Consumer Affairs Response Team
On December 2, the Nebraska attorney general launched the Consumer Affairs Response Team (CART) to help state residents address complaints and identify scams related to a wide range of consumer-related issues, such as fraud, identity theft, scams, and unfair and deceptive business practices. CART will accept complaints after a consumer has first made a “good-faith-effort” to resolve any issues directly with a business. If CART determines that the consumer’s complaint falls within its authority, it will engage in the dispute resolution process by facilitating communications between the consumer and the business. CART was created after the AG’s office discovered a 65 percent increase in identity theft reports as well as a 27 percent increase in fraud and other types of consumer scams.
Ohio enacts robocall legislation
On December 1, Ohio’s governor signed into law SB 54, which, under most circumstances, prohibits companies from knowingly transmitting Caller ID information that is either misleading or inaccurate through a telecommunication service or voiceover Internet protocol service. Among other things, the bill creates additional penalties for inaccurate caller ID, provides the Ohio attorney general the authority to file civil actions in state or federal court, provides state criminal penalties in certain instances, and requires entities that use a telephone number that is identified as “unknown” or “blocked” to leave voicemail messages and include the person's identity. The law is effective March 2, 2022.
New York reaches $1.2 million settlement with debt collectors
On November 16, the New York attorney general announced a settlement with an illegal debt collection scheme operation and its operator (collectively, “respondents”) to resolve allegations that the respondents used illegal tactics to collect consumer debt, which included false threats of criminal action, wage garnishment, driver’s license suspension, and lawsuits. According to the AG, the operator started his debt collection career collecting debts with a network of New York-based debt collectors that settled with the CFPB and New York AG in 2019 to resolve allegations that the defendants engaged in improper debt collection tactics in violation of the CFPA, the FDCPA, and various New York laws. (Covered by InfoBytes here.) Using different names, the operator allegedly continued to use deceptive and illegal threats to collect on consumer debts. In addition, the AG claimed the operator was a debt broker, “selling debts to and placing debts for collection with other collectors that engaged in egregious violations of the law.”
Under the terms of the settlement agreement, the respondents, among other things, must pay $1.2 million to the office of the AG in restitution and penalties and must dissolve all of the associated debt collection companies. The respondents are also permanently banned from engaging in consumer debt collection, consumer debt brokering, consumer lending, debt settlement, credit repair services, and payment processing.
Illinois AG, IDFPR settle with three payday lenders
On November 5, the Illinois attorney general and the Illinois Department of Financial and Professional Regulation (IDFPR) announced a settlement resolving allegations that three companies violated Illinois lending laws by generating payday loan leads without a license and arranging high-cost payday loans for out-of-state payday unlicensed lenders. The AG and IDFPR further alleged that the companies falsely represented their loan network as being “trustworthy,” although the loan terms and conditions did not comply with Illinois law, which violated the Illinois’ Consumer Fraud and Deceptive Business Practices Act. The AG sued the companies in 2014 after the companies refused to comply with a cease and desist order issued by IDFPR, which required them to become licensed. According to the announcement, under the terms of the settlement, the companies are prohibited from: (i) arranging or offering small-dollar loans, online or otherwise, without being licensed by IDFPR; (ii) advertising or offering any small consumer loan arrangements or lead generation services in Illinois, unless they are licensed by IDFPR; and (iii) providing services associated with arranging or offering small dollar loans to Illinois consumers without being licensed by IDFPR.
Kansas AG fines companies for unlawful data disposal
On November 1, the Kansas attorney general ordered three national companies that manage business documents to pay fines totaling nearly $500,000 for the alleged unlawful disposal of records containing consumers’ personal information. According to the Kansas AG, the companies violated the Kansas Consumer Protection Act and the Wayne Owen Act by repeatedly disposing of records in unsecured trash receptacles without “rendering the personal information unreadable or undecipherable.” By engaging in these actions, the AG stated, the companies failed to comply with the requirements that companies implement and maintain reasonable policies and procedures and exercise reasonable care to protect personal information from unauthorized access and use, and take reasonable steps to destroy records containing personal information when they are no longer needed. Under the terms of the consent judgments (see here, here, and here), the companies must pay the fine, implement measures to ensure the proper disposal of documents, conduct employee training on the proper handling and disposal of personal information, and evaluate their information security programs and policies to ensure personal information is protected.