Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • OCC updates Comptroller’s Handbook booklet to address deposit-related credit

    Agency Rule-Making & Guidance

    On September 12, the OCC issued Bulletin 2018-28, which updates the “Deposit-Related Credit” booklet of the Comptroller’s Handbook previously issued March 2015. The booklet provides guidance for OCC examiners to be used in connection with the examination and supervision of national banks and federal savings associations who offer small-dollar, unsecured deposit-related credit products and services, such as check credit, overdraft protection, and deposit advance products. The booklet also includes, among other things, (i) updated guidance following the rescission of OCC Bulletin 2013-40, “Deposit Advance Products: Final Supervisory Guidance,” (previously covered by InfoBytes here) and the issuance of OCC Bulletin 2018-14, “Installment Lending: Core Lending Principles for Short-Term, Small-Dollar Installment Lending” (previously covered by InfoBytes here); (ii) information concerning limitations and requirements for consumer credit products extended to active-duty servicemembers covered by the Military Lending Act; (iii) integrated citations to third-party risk management guidance and procedures; (iv) information pertaining to new products and services, including sound due diligence practices; and (v) prohibitions against unfair, deceptive, or abusive acts or practices under Dodd-Frank.

    Agency Rule-Making & Guidance OCC Comptroller's Handbook Deposit Products Examination Supervision Military Lending Act

    Share page with AddThis
  • Washington state Attorney General sues towing company for alleged state SCRA violation

    State Issues

    On September 11, the Washington state Attorney General announced the filing of a lawsuit against a towing company for allegedly auctioning off a servicemember’s car while he was deployed, in violation of the Washington Servicemembers’ Civil Relief Act (WSCRA). The complaint argues that the towing company impounded and unlawfully sold a deployed servicemember’s car without first determining the military status of the car’s owner and without obtaining a court order, as required by the WSCRA. The complaint rejects the towing company’s arguments that the responsibility fell on the servicemember’s creditor to redeem the vehicle as the legal owner because the law places the duty for determining military status on the party enforcing the lien. The complaint seeks restitution for the servicemember and a permanent injunction. Additionally, the complaint seeks civil penalties of up to $55,000 for a first offense and up to $110,000 for subsequent offenses, as allowed by the WSCRA.

    State Issues State Attorney General SCRA Consumer Finance Auto Finance Servicemembers

    Share page with AddThis
  • CFPB argues structure is constitutional under current precedent

    Courts

    On September 10, the CFPB rejected the arguments made by two Mississippi-based payday loan and check cashing companies (appellants) challenging the constitutionality of the CFPB’s single director structure. The challenge results from a May 2016 complaint filed by the CFPB against the appellants alleging violations of the Consumer Financial Protection Act (CFPA) for practices related to the companies’ check cashing and payday lending services, previously covered by InfoBytes here. The district court denied the companies’ motion for judgment on the pleadings in March 2018, declining the argument that the structure of the CFPB is unconstitutional and that the CFPB’s claims violate due process. The following April, the 5th Circuit agreed to hear an interlocutory appeal on the constitutionality question and subsequently, the appellants filed an unopposed petition requesting for initial hearing en banc, citing to a July decision by the 5th Circuit ruling the FHFA’s single director structure violates Article II of the Constitution (previously covered by InfoBytes here).

    In its September response to the appellants’ arguments, which are similar to previous challenges to the Bureau’s structure—specifically that the Bureau is unconstitutional because the president can only remove the director for cause—the Bureau argues that the agency’s structure is consistent with precedent set by the U.S. Supreme Court, which has held that for-cause removal is not an unconstitutional restriction on the president’s authority. The brief also cited to the recent 5th Circuit decision holding the FHFA structure unconstitutional and noted that the court acknowledged the Bureau’s structure as different from FHFA in that it “allows the President more ‘direct[] control.’” The Bureau also argues that the appellants are not entitled to judgment on the pleadings because the Bureau’s complaint— which was filed under the previous Director, Richard Cordray— has been ratified by acting Director, Mick Mulvaney, who is currently removable at will under his Federal Vacancies Reform Act appointment and therefore, any potential constitutional defect in the filing is cured. Additionally, the Bureau argues that even if the single-director structure were deemed unconstitutional, the provision is severable from the rest of the CFPA based on an express severability clause in the Dodd-Frank Act.

    Courts Fifth Circuit Appellate Federal Issues CFPB CFPB Succession Dodd-Frank FHFA Single-Director Structure U.S. Supreme Court

    Share page with AddThis
  • CFPB publishes final rule relating to disclosure of confidential records and information

    Agency Rule-Making & Guidance

    On September 12, the CFPB published a final rule to modify its procedures for the disclosure of records and information. As previously covered in InfoBytes, the notice of proposed rulemaking—published August 2016—sought to amend procedures used to obtain information from the Bureau under the Freedom of Information Act (FOIA), the Privacy Act of 1974, and in legal proceedings. In response to comments on its proposal, the final rule revises the following subparts under section 1070 of title 12 of the Code of Federal Regulations: (i) Subpart A: “procedures related to the certification of authenticity of Bureau records and the service of summonses or complaints on the Bureau”; (ii) Subpart B: practices to provide requesters additional flexibility under FOIA; and (iii) Subpart C: “procedures for requests for information from the Bureau in connection with legal proceedings.” Subpart E, which implements the Privacy Act of 1974, received no comments and has been finalized without modification. The Bureau noted that the final rule does not revise Subpart D, which relates to the “confidential treatment of information obtained from persons in connection with the exercise of its authorities under federal consumer financial law.” The final rule takes effect October 12.

    Agency Rule-Making & Guidance CFPB FOIA Disclosures

    Share page with AddThis
  • Agencies say supervisory guidance does not have the “force and effect” of law

    Agency Rule-Making & Guidance

    On September 11, five federal agencies (the Federal Reserve Board, CFPB, FDIC, NCUA, and OCC) issued a joint statement confirming that supervisory guidance “does not have the force and effect of law, and [that] the agencies do not take enforcement actions based on supervisory guidance.” The statement distinguishes the various types of supervisory guidance—interagency statements, advisories, bulletins, policy statements, questions and answers, and frequently asked questions—from laws or regulations and emphasizes that the intention of supervisory guidance is to outline agencies’ expectations or priorities. The statement highlights five policies and practices related to supervisory guidance: (i) limit the use of numerical thresholds or other “bright-line” requirements; (ii) examiners will not cite to “violations” of supervisory guidance; (iii) request for public comment does not mean the guidance has the force and effect of law; (iv) limit multiple issuances of guidance on the same topic; and (v) continue to emphasize the role of supervisory guidance to examiners and to supervised institutions.

    Agency Rule-Making & Guidance Federal Reserve CFPB FDIC NCUA OCC Supervision Examination Enforcement

    Share page with AddThis
  • CFPB issues updated FCRA model disclosures to implement Economic Growth, Regulatory Relief, and Consumer Protection Act amendments

    Federal Issues

    On September 12, the CFPB issued an interim final rule to comply with the Economic Growth, Regulatory Relief, and Consumer Protection Act (the “Act”) (previously Senate bill S. 2155). Section 301(a)(1) of the Act amends the FCRA to add section 605A(i), which requires consumer reporting agencies to provide national security freezes free of charge to consumers. Additionally, the new section requires that whenever a consumer is provided a “summary of rights” under section 609, the summary must include a notice regarding the right to obtain a free security freeze. The Act also amends FCRA section 605A(a)(1)(A) to extend from 90 days to one year the minimum time that a credit reporting agency must include an initial fraud alert on a consumer’s file.

    The interim final rule, which is effective on September 21, amends the model forms in Regulation V to comply with the Act. The interim file rule also permits various compliance alternatives to mitigate the impact of the changes to these forms, including allowing the use of the 2012 model forms so long as a separate page provided in the same transmittal contains the new information required.

    Comments on the interim final rule will be due 60 days after publication in the Federal Register. Links to the English and Spanish versions of the revised Summary of Consumer Rights and revised Summary Consumer Identity Theft Rights, covered by Section 609 of the FCRA, are available here.

    Federal Issues CFPB FCRA Disclosures S. 2155 EGRRCPA Security Freeze

    Share page with AddThis
  • California governor signs amendments requiring the furnishing of customer account information associated with certain crime reports

    State Issues

    On September 6, the governor of California signed amendments to the California Right to Financial Privacy Act to provide various state and local agencies—including the police, sheriff’s department, or district attorney in the state—the authorization to request information from financial institutions in certain circumstances associated with crime reports involving the alleged fraudulent use of drafts, checks, access cards, or other orders. Specifically, AB 3229 states that banks, credit unions, and savings associations must furnish a statement with the requested customer account information for a period of 30 days prior, and up to 30 days following, the date of the alleged illegal act’s occurrence. AB 3229 further states that financial institutions will be required to furnish account information—subject to the outlined procedures—to a DOJ special agent upon request.

    State Issues State Legislation Privacy/Cyber Risk & Data Security

    Share page with AddThis
  • New Jersey Attorney General announces settlement with data management software company over auto dealer data breach claims

    State Issues

    On September 7, the New Jersey Attorney General announced a settlement with an Iowa-based data management software company related to an alleged data breach that exposed the personally identifiable information (PII) of auto dealership customers across the country. According to the consent order, the company—which develops and operates a dealer management system that stores and secures customer and employee data accessed by 130 auto dealerships nationwide—experienced a breach of security in 2016 that allowed unauthorized public access to unencrypted files containing PII. Following the breach, the state commenced an investigation into whether the company violated either the state’s Consumer Fraud Act (CFA) or its Identity Theft Prevention Act (ITPA). Under the terms of the settlement, the company—without admitting to the allegations—has agreed to pay a $49,420 civil money penalty, of which $20,000 will be suspended and automatically vacated after two years provided the company complies with the consent order and does not engage in any future violations of the CFA and/or the ITPA. Furthermore, the company will pay $31,365 to reimburse attorneys’ fees, and has, among other things, agreed to implement a comprehensive security program to prevent similar breaches from occurring in the future.

    State Issues Privacy/Cyber Risk & Data Security Data Breach State Attorney General

    Share page with AddThis
  • California updates notice requirements on time-barred debt collection efforts

    State Issues

    On September 5, the California governor signed AB 1526, which, among other things, amends state debt collection law to require certain written notices to be included in the first written communications provided to the debtor after the debt became time-barred and after the date for obsolescence under the FCRA. If the debt is not past the date of obsolescence, the debt collector is required to include specific language in the first written communication to the debtor after the debt has become time-barred that indicates the debtor will not be sued for the debt, but the debt may be reported as unpaid to credit reporting agencies as allowed by law. If the debt is past the date of obsolescence, the debt collector is required to include specific language in the first written communication to the debtor after the date for obsolescence indicating the debtor will not be sued for the debt and the debt will not be reported to credit reporting agencies. The law also incorporates a four-year statute of limitations on the collection of debt by specifically prohibiting a debt collector from initiating a lawsuit, an arbitration, or other legal proceeding to collect the debt after the four-year period in which the action must have been commenced has ended.

    State Issues Debt Collection State Legislation FCRA

    Share page with AddThis
  • 8th Circuit holds employee failed to plead injuries in FCRA suit against employer, law firm, and credit reporting agency

    Courts

    On September 6, the U.S. Court of Appeals for the 8th Circuit held that an employee lacked standing to bring claims under the Fair Credit Reporting Act (FCRA) because she failed to sufficiently plead she suffered injuries. An employee brought a lawsuit against her former employer, a law firm, and a credit reporting agency (defendants) alleging various violations of the FCRA after the employee’s credit report that was obtained as part of the hiring process background check was provided to the employee in response to her records request in a wrongful termination lawsuit she had filed. The district court dismissed the claims against the employer and the law firm and granted judgment on the pleadings for the credit reporting agency. Upon appeal, the 8th Circuit, citing the Supreme Court’s 2016 ruling in Spokeo, Inc. v. Robins (covered by a Buckley Sandler Special Alert), concluded the former employee lacked Article III standing to bring the claims. The court found that the former employee authorized her employer to obtain the credit report and failed to allege the report was used for unauthorized purposes, therefore there was no intangible injury to her privacy. Additionally, the court determined that the injuries to her “reputational harm, compromised security, and lost time” were “‘naked assertion[s]’ of reputational harm, ‘devoid of further factual enhancement.’” As for claims against the law firm and credit reporting agency, the court found that the injury was too speculative as to the alleged failures to take reasonable measures to dispose of her information. Further, whether the credit reporting agency met all of its statutory obligations to ensure the report was for a permissible purpose was irrelevant, as she suffered no injury because she provided the employer with consent to obtain her credit report.

    Courts FCRA Eighth Circuit Appellate Spokeo Credit Reporting Agency Standing

    Share page with AddThis

Pages