InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB issues semi-annual report to Congress
On February 3, the CFPB issued its semi-annual report to Congress covering the Bureau’s work from April 1, 2019, through September 30, 2019. The report, which is required by the Dodd-Frank Act, addresses, among other things, problems faced by consumers with regard to consumer financial products or services; significant rules and orders adopted by the Bureau; and various supervisory and enforcement actions taken by the Bureau. In her opening letter, Director Kathy Kraninger reported that she has focused, “whenever appropriate and possible” on two areas: (i) encouraging saving, by establishing a program called “Start Small, Save Up”; and (ii) unleashing innovation by reducing regulatory constraints and revising innovation policies and promoting cooperation between state and federal regulators, as demonstrated with the launch of the American Consumer Financial Innovation Network last year.
Among other things, the report highlights credit scores, credit reporting, and the consumer credit card market as areas in which consumers face significant problems. The report notes that credit reports and credit scores greatly affect credit available to consumers. With respect to the availability of general purpose credit cards the report cites Bureau findings that in 2018, consumers with high credit scores had an 83 percent approval rate, whereas consumers with subprime credit scores had only a 17 percent approval rate. In addition to these areas of focus, the report notes the issuance of one significant final rule—Payday, Vehicle Title, and Certain High-Cost Installment Loans; Delay of Compliance Date; Correction Amendments—last year. (Covered by InfoBytes here.) Several less significant rules were also finalized, including (i) Technical Specifications for Submissions to the Prepaid Account Agreements Database; (ii) Availability of Funds and Collection of Checks (Regulation CC); and (iii) Home Mortgage Disclosure (Regulation C)–2019 Final Rule.
FTC settles deceptive ranking charges with lead generator
On February 3, the FTC announced a settlement with operators of a lead generator website (respondents) that compares and ranks consumer financial products such as student loans, personal loans, and credit cards. According to the FTC’s complaint, the respondents violated the FTC Act by allegedly making false representations to consumers that their rankings were objective, honest, accurate, and unbiased, when in fact, the defendants allegedly offered higher rankings to companies that paid for placement. In addition, the complaint alleges that certain highly ranked companies dropped placement spots after refusing to pay for their positions. The complaint further contends that the respondents allegedly claimed that customer reviews were impartial, but in reality most reviews were written by company employees or their family friends, or others associated with the company, or by fabricated consumers. Without admitting or denying the allegations, the respondents have agreed to pay $350,000 under the terms of the proposed settlement, and are prohibited from making future misrepresentations connected with the “advertising, promotion, offering for sale, or sale of any product or service.”
French aerospace company to pay more than $3.9 billion to resolve foreign bribery cases
On January 31, a French aerospace company that manufactures civilian and military aircraft agreed to pay combined penalties of more than $3.9 billion to U.S., French, and UK authorities. The company resolved foreign bribery charges with all three jurisdictions, as well as U.S. violations of the Arms Export Control Act (AECA) and its implementing regulations, and the International Traffic in Arms Regulations (ITAR). (See deferred prosecution agreement and information filed in the U.S. District Court for the District of Columbia.) The resolutions covered bribes paid in countries including China, Sri Lanka, Malaysia, Indonesia, Taiwan, and Ghana.
With respect to the FCPA, according to the DOJ’s announcement, beginning in at least 2008 and continuing through at least 2015 the company engaged in a global “scheme to use third-party business partners to bribe government officials, as well as non-governmental airline executives.” The bribes were offered to decision makers, including foreign officials, “in order to obtain improper business advantages and to win business from both privately owned enterprises and entities that were state-owned and state-controlled.” The AECA and ITAR violations involved “fil[ing] numerous applications for the export of defense articles and defense services to foreign armed forces[,]” but failing to provide the U.S. State Department’s Directorate of Defense Trade Controls (DDTC) “with accurate information related to commissions paid by [the company] to third-party brokers who were hired to solicit, promote or otherwise secure the sale of defense articles and defense services to foreign armed forces.” As part of the deferred prosecution agreement, the company agreed to cooperate with the DOJ’s ongoing investigations and prosecutions and enhance its compliance program. The DOJ also recognized the company’s cooperation and remediation.
FHFA updates Fannie, Freddie seller/servicer eligibility
On January 31, the FHFA proposed updated minimum financial requirements for Fannie Mae and Freddie Mac (GSEs) single-family mortgage sellers and servicers. The updates are designed to provide transparency and consistency of capital and liquidity requirements for sellers and servicers with different business models. A key improvement to the 2015 minimum financial requirements (covered by InfoBytes here), FHFA stated, is that the updated standards will establish financial requirements for servicing Ginnie Mae mortgages. FHFA further noted that the new minimum liquidity standards will only be applied to non-depository institutions—depository institutions will continue to rely on their existing regulatory standards to meet the GSEs’ capital and liquidity requirements. FHFA will accept comments on the proposal for 60 days, and anticipates finalizing the requirements in the second quarter of 2020, with an expected effective date six months after finalization.
Fed clarifies bank control structure under BHC and HOLA
On January 30, the Federal Reserve Board (Fed) issued a final rule to simplify and increase the transparency of existing rules for determining if a company has control over a banking organization under the Bank Holding Company Act (BHC Act) and the Home Owners’ Loan Act (HOLA). According to the Fed, the final rule—proposed last April (covered by InfoBytes here)—establishes “a comprehensive and public framework to determine when a company controls a bank or a bank controls a company” through the use of several key factors including “the company’s total voting and non-voting equity investment in the bank; director, officer, and employee overlaps between the company and the bank; and the scope of business relationships between the company and the bank.” A tiered presumptions visual accompanied the final rule, which outlines the determination of control based on the level of voting ownership at four different thresholds: less than 5 percent; 5 to 9.99 percent; 10 to 14.99 percent; and 15 to 24.99 percent. In addition, the Fed noted that the final rule “generally applies the same standards in the context of the BHC Act and HOLA” in terms of the definition of “control.” Federal Reserve Governor Lael Brainard issued a statement supporting the final rule, but stressed the importance of monitoring banking organizations’ ownership structures in light of the “control framework” and industry trends in order to identify issues affecting financial stability and competition. Brainard further emphasized that the “control framework” should be monitored in terms of how it interacts with other regulations involving ownership thresholds. The final rule takes effect April 1.
Court certifies breach of contract class against bank
On January 30, the U.S. District Court for the Northern District of California certified a class of mortgage borrowers in a breach of contract suit against a national bank (defendant). In doing so, the court approved a class defined as consumers who (i) had a mortgage loan with the defendant; (ii) qualified for a modification of their loan between 2010 and 2018 “pursuant to the requirements of government-sponsored enterprises (such as Fannie Mae and Freddie Mac), the Federal Housing Administration (FHA), [or] the U.S. Department of Treasury’s Home Affordable Modification Program (HAMP)”; (iii) though they qualified, were not offered a loan modification by the defendant due to defendant’s flawed calculations of eligibility; and (iv) had their homes foreclosed upon and sold by the defendant. According to the order, the plaintiffs claimed that in 2013 the “defendant discovered a calculation error that had caused certain fees to be misstated and had resulted in incorrect mortgage modification denials,” but the problem was not fully resolved until 2018.
The court also granted the plaintiffs’ motion for leave to file a third amended complaint in order to add a plaintiff “whose property was secured by an FHA instrument.” The plaintiffs reasoned that they should have a representative for the FHA contracts as well as a representative for the GSE contracts, in case it is argued that the FHA and GSE contracts are so different that each requires its own representative.
Agencies to modify Volcker Rule’s “covered funds” requirements
On January 30, the OCC, Federal Reserve Board, FDIC, SEC, and CFTC issued a notice of proposed rulemaking to modify and streamline the “covered funds” requirements under Section 13 of the Bank Holding Company Act, commonly known as the Volcker Rule (Rule). As previously covered by InfoBytes, last fall the regulators signed off on final revisions to the Rule to simplify and tailor its restrictions on a banking entity’s ability to engage in proprietary trading and own certain funds. Specifically, the proposed amendments would modify the restrictions for banking entities investing in, sponsoring, or having certain relationships with covered funds, including simplifying provisions related to foreign public funds, loan securitizations, and small business investment companies. The amendments would also, among other things, (i) limit the extraterritorial impact of the Rule on certain foreign funds offered by foreign banks to foreign investors; (ii) modify and propose several existing exclusions to allow banking entities to invest in or sponsor certain types of funds—subject to certain safeguards—such as credit funds, venture capital funds, family wealth management vehicles, and customer facilitation funds; and (iii) permit intraday extensions of credit, payment, clearing, and settlement transactions between a banking entity and covered funds the banking entity advises or sponsors, or with which the banking entity has certain other relationships. Comments will be accepted through April 1.
FDIC finalizes securitization safe harbor
On January 30, the FDIC adopted the Final Rule to Revise Securitization Safe Harbor Rule (rule) as recommended by FDIC staff in a memorandum dated January 23. In July, as previously covered by InfoBytes, the FDIC approved a proposal to remove the requirement that, for safe harbor treatment, “the documents governing a securitization issuance require compliance with Regulation AB” of the SEC Regulation AB, “in circumstances where Regulation AB is not, by its terms, applicable to that transaction.” The proposal suggested that “it is no longer clear that compliance with the public disclosure requirements of Regulation AB in a private placement or in an issuance not otherwise required to be registered is needed to achieve the policy objective of preventing a buildup of opaque and potentially risky securitizations such as occurred during the pre-crisis years, particularly where the imposition of such a requirement may serve to restrict overall liquidity.” The final rule—which is unchanged from the proposal—eliminates the “significant disclosure requirements” to no longer mandate that private placements of securitization obligations provide Regulation AB disclosures. With the adoption of the final rule, only those transactions that are subject to Regulation AB are required to make the disclosures. The rule is expected to increase the securitization of residential mortgages and will become effective 30-60 days after it is published in the Federal Register.
Federal Reserve hits bank for flood insurance violations
On January 30, the Federal Reserve Board (Fed) announced an enforcement action against a New York-based bank for allegedly violating the National Flood Insurance Act (NFIA) and Regulation H, which implements the NFIA. The consent order assesses a $36,500 civil money penalty against the bank for an alleged pattern or practice of violations of Regulation H, but does not specify the number or the precise nature of the alleged violations. The maximum civil money penalty under the NFIA for a pattern or practice of violations is $2,000 for each violation. The consent order was signed by both the bank and the Fed on January 24.
Maryland, Hawaii, and Virginia are latest states to introduce privacy legislation
Recently, Maryland, Hawaii, and Virginia introduced privacy legislation designed to strengthen consumer access and control over personal data, joining efforts by Washington and New York to pass privacy bills containing provisions that differ from those in the California Consumer Privacy Act (CCPA), which took effect January 1. (See InfoBytes coverage on Washington here, New York here, and the CCPA here.)
On January 17, Maryland introduced HB 249 to amend the state’s Commercial Law by adding a section titled “Consumer Personal Information Privacy.” Under the proposed bill, consumers would be provided the right to opt-out of the disclosure of their personal information to third parties. HB 249 defines “disclosure” as “a transfer of a consumer’s personal information by a business to a third party, including selling, renting, releasing, disseminating, making available, transferring, or otherwise communicating by any means.” The bill clarifies that disclosure does not include (i) a transfer of personal information to a service provider by a business for an operational purpose; (ii) identification of a consumer who has opted-out to alert third parties; and (iii) a transfer of personal information to a third party “as an asset that is part of a transaction in which the third party assumes control of all or part of the business.” The bill also stipulates requirements for businesses related to the consumer opt-out process, and states that a violation of the bill’s provisions would constitute an unfair or deceptive trade practice under Maryland’s Consumer Protection Act.
The same day, SB 2451 was introduced in the Hawaii Senate to add a new section to Chapter 487J of the Hawaii Revised Statutes, which stipulates that third parties cannot use or sell personal information purchased from a business unless a consumer receives explicit notice, provides express written consent, and chooses not to opt-out after given the opportunity to do so. The proposed bill also provides consumers the opportunity to, at any time, opt-out of the sale of their personal information to third parties. Among other things, the bill outlines provisions related to the sale of personal information for consumers less than 16 years of age, as well as specific compliance requirements for businesses when providing notice to consumers. SB 2451 also defines a third party as one that is (i) not a “business that collects personal information from consumers”; or (ii) not a person who receives personal information from a business for a business purpose pursuant to a written contract that restricts further use of the personal information.
Earlier, on January 3, HB 473, known as the “Virginia Privacy Act,” was introduced. Among other things, the bill requires data controllers to be transparent about their processing activities and be responsible for, upon verified request from the consumer, (i) confirming the uses of personal data; (ii) correcting inaccuracies; (iii) deleting unnecessary personal data or data for which the consumer has withdrawn consent; (iv) limiting the processing of personal data to what is required and relevant for a specified purpose; and (v) obtaining consumer consent in order to process sensitive data. HB 473 also provides consumers the right to object at any time to the processing of personal data, including the sale of data to third parties for targeted advertising, and stipulates that third parties must honor objection requests received from third-party controllers. The bill also requires controllers to conduct risk assessments for all processing activities that involve personal data, and conduct additional assessments each time a processing change occurs that “materially increases the risk to consumers.” If enacted, violations of HB 473 would “constitute a prohibited practice” pursuant to Virginia Consumer Protection Act (VCPA) Section 59-1-200 and violators would be subject to any and all of the VCPA’s enforcement provisions.