InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OFAC sanctions Hizballah financier conduits
On April 24, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against two individuals and three entities “acting as conduits for sanctions evasion schemes" for Hizballah finances. The designated entities and individuals are also subject to secondary sanctions pursuant to the Hizballah Financial Sanctions Regulations, which implement the Hizballah International Financing Prevention Act of 2015, and allows OFAC the authority to “prohibit or impose strict conditions on the opening or maintaining in the United States of a correspondent account or a payable-through account by a foreign financial institution that knowingly facilitates a significant transaction for Hizballah, or a person acting on behalf of or at the direction of, or owned or controlled by, Hizballah.” As a result, all property and interests in property of the sanctioned individuals and entities, and of any entities owned 50 percent or more by them subject to U.S. jurisdiction, are blocked and must be reported to OFAC. U.S. persons are also generally prohibited from entering into transactions with designated persons.
Visit here for additional InfoBytes coverage on sanctions involving Hizballah networks.
Washington state recognizes distributed ledger technology
On April 26, the Washington state governor signed SB 5638, which recognizes the validity of distributed ledger technology. Intending to expand the scope of the existing federal ESIGN Act, the bill adds a new chapter to the Revised Code of Washington, defining distributed ledger technology as “any distributed ledger protocol and supporting infrastructure, including blockchain, that uses a distributed, decentralized, shared, and replicated ledger.” The bill prohibits an electronic record from being denied “legal effect, validity, or enforceability solely because it is generated or stored using distributed ledger technology.” The bill is effective July 28.
4th Circuit: RESPA time-bar annulled by fraudulent concealment
On April 26, the U.S. Court of Appeals for the 4th Circuit reversed a district court’s dismissal of five plaintiffs’ putative class actions alleging RESPA violations, concluding that the claims were not time-barred due to the fraudulent concealment tolling doctrine. According to the opinion, between 2009 and 2014, several banks and mortgage companies (collectively, “defendants”) referred plaintiffs to a title company to procure title insurance and obtain settlement services, which allegedly provided the defendants with “several forms of ‘unearned fees and kickbacks’ to induce those referrals” in violation of RESPA. The plaintiffs alleged the kickbacks came in the form of payments to advertising and marketing shell companies for the referrals, which would then make payments to brokers or loan officers of the defendants. The district court dismissed the class actions because the first of the five class actions was not filed until June 2016, which was well beyond the one-year statute of limitations under RESPA.
On appeal, the plaintiffs argued that they were entitled to relief under RESPA because the kickback scheme was allegedly “fraudulently concealed” by the defendants by using “sham” entities and not reporting the payments on the plaintiffs’ HUD-1 settlement statements. The 4th Circuit agreed, concluding that the district court erred in dismissing the plaintiffs’ claims. The appellate court noted that Congress did not intend to “allow individuals and entities that conceal their unlawful kickback schemes and other RESPA violations to reap the benefit of the statute of limitations as a defense.” Rejecting the defendants’ assertion that publicly-available information, including earlier court filings, should have “‘excited further inquiry’” by the plaintiffs to timely file the action, the appellate court emphasized that the fraudulent concealment doctrine requires only “reasonable diligence” and does not “necessarily hold individual borrowers to the diligence standard of combing court filings in potentially related cases, particularly when the borrower has no reason to be aware of the related cases.”
11th Circuit: Bank not obligated to investigate FCRA dispute
On April 25, the U.S. Court of Appeals for the 11th Circuit affirmed a district court’s dismissal of a putative class action against a national bank, finding that the plaintiff failed to show an investigation would reveal the bank inaccurately furnished information to credit reporting agencies (CRAs). According to the opinion, after the plaintiff failed to make payments on his mortgage, the bank reported the delinquencies to the three CRAs. A Florida circuit court entered a final judgment of foreclosure in the bank’s favor, which the plaintiff paid two years later after the account was transferred to a different lender. Two years after he paid the foreclosure judgment, the plaintiff noticed that the CRAs showed his account as past due despite the fact that the judgment had been paid. However, following an investigation, the CRAs confirmed that the information provided by the bank was accurate, since it reflected two years of missed payments that the plaintiff later contended he was not obligated to make due to the filing for the foreclosure action. The plaintiff filed a class action suit alleging the bank violated the FCRA by failing to report that he had paid off the foreclosure judgment. The district court dismissed the case with prejudice, ruling that the bank satisfied its obligations under the FCRA, and that the plaintiff failed to support his claim that the bank was obligated to report the payoff after it transferred the account.
On appeal, the 11th Circuit agreed with the district court, opining that because the plaintiff never claimed that the bank was informed of the past-due status dispute by the CRAs, the bank was not obligated to investigate under the FCRA. The court noted that the plaintiff “never alleged that [the bank] received notification from the CRAs that he disputed his account's past-due status as of July 2017,. . .that the CRAs provided notification of any such dispute to [the bank],. . .or even that he contacted the CRAs to dispute that aspect of his credit reports.” The plaintiff further argued that the filing of the foreclosure action and acceleration of the loan relieved him of the obligation to make monthly payments. The 11th Circuit was “unconvinced” by the argument and said that, nonetheless, “[w]hether [the plaintiff] was obligated to make payments on the mortgage after the Foreclosure Action was filed is a currently unresolved legal, not a factual, question. Thus, even assuming [the bank] furnished information that turned out to be legally incorrect under some future ruling, [the bank’s] purported legal error was an insufficient basis for a claim under the FCRA.”
Websites settle FTC data security allegations
On April 24, the FTC announced separate settlements with the operators of an online rewards website and a dress-up games website to resolve allegations concerning poorly implemented data security measures and Children’s Online Privacy Protection Act (COPPA) violations. According to the FTC, the online rewards website operator collected personal information (PII) from users who participated in their online offerings and made promises that their account information was secure. However, the operator allegedly failed to implement data security measures or utilize encryption techniques, which granted hackers access to the network. In addition, the operator allegedly maintained PII in clear unencrypted text. As a result of the breach, hackers published and offered for sale PII for approximately 2.7 million consumers. Under the terms of the decision and order, the operator is, among other things, prohibited from misrepresenting the measures taken to protect consumers’ PII and is required to implement a comprehensive information security program for future collections of PII.
On the same day, the FTC reached a proposed settlement with a dress-up games website and its operators, who allegedly violated COPPA by failing to obtain parental consent before collecting personal information from children under 13 or provide reasonable and appropriate security for the collected data. According to the FTC, data security failures allowed hackers access to the company’s network, which stored information for roughly 245,000 users under age 13. As part of the proposed settlement filed in the U.S. District Court for the Northern District of California, the company and operators, among other things, (i) have agreed to pay $35,000 in civil penalties; (ii) will change their business practices to comply with COPPA; and (iii) are prohibited from selling, sharing, or collecting personal information until a comprehensive data security program is implemented and undergoes independent biennial assessments.
OCC proposes Innovative Pilot Program
On April 30, the OCC released a proposed Innovative Pilot Program (and accompanying program FAQs), which is designed to support responsible innovation in the U.S. federal banking system by allowing eligible entities to test novel products, services, or processes that could present significant benefits to consumers, businesses, financial institutions, and communities. Under the program, the OCC would provide eligible entities with regulatory input, through tools such as interpretive letters during the development and implementation of proposed innovative activities. Any proposal the agency determines to have potentially predatory, unfair, or deceptive features; poses undue risk to consumers; or poses undue safety and soundness risk to an institution would be deemed as inconsistent with existing law and policy and not permitted in the program. Highlights of the proposed program include:
- Eligibility. OCC-supervised financial institutions may participate in the program independently or when partnered with a third-party entity to offer an innovative activity. Third-party entities, not supervised by the OCC, may not independently participate. Additionally, eligible entities seeking to participate in the program must establish an uncertainty (“perceived to be a barrier to development and implementation”) that justifies the need for the OCC’s involvement during development or implementation of the innovative product or service and must also show how the innovative activity has the potential to benefit the needs of consumers, businesses, and or communities.
- Parameters. The OCC anticipates participation in the program to last between three and 24 months, but the duration of each pilot will be on a case-by-case basis. The program may include the use of interpretive letters, supervisory feedback, and technical assistance, as well as potential determinations of legal permissibility before a live test. Notably, the program will not provide any statutory or regulatory waivers, and all participants must continue to comply with applicable laws and regulations.
- Evaluation Process. The four-step application process includes (i) a preliminary discussion with the OCC about the proposed pilot; (ii) submission of a tailored expression of interest (EOI) to the OCC’s Office of Innovation or assigned supervisory office; (iii) evaluation of the EOI by the OCC; and (iv) acceptance or declination of the request. If a proposal is accepted, the testing phase will begin and the entity will be required to submit periodic information and reports, including key performance indicators, issues identified, and any steps taken to address the issues.
The OCC will maintain the confidentiality of proprietary information, including the identity of any participating entities. Comments on the proposal must be submitted by June 14.
Georgia exempts certain retailers from mortgage licensing requirements
On April 18, the Georgia governor signed HB 212, which amends the Official Code of Georgia Annotated relating to the licensing of mortgage lenders and mortgage brokers. Under the Act, the following persons, who meet certain requirements, are exempt from state licensing requirements: “retailers and retail brokers of manufactured homes, mobile homes, or residential industrialized buildings.” The Act also revises the definition of a “mortgage broker” to remove the aforementioned categories from the term, and further provides that a “mortgage broker” does not include employees of exempt persons who satisfy specific requirements. The Act takes effect July 1.
NYDFS creates Consumer Protection and Financial Enforcement Division
On April 29, NYDFS announced its newly created Consumer Protection and Financial Enforcement Division, led by Katherine Lemire as Executive Deputy Superintendent. The new office combines the Enforcement and Financial Frauds division with the Consumer Protection division and is responsible for ensuring compliance, fighting consumer fraud, and assisting NYDFS with the enforcement of the state’s Banking, Insurance and Financial Services laws. The office will have a particular investigative focus on the response to cybersecurity events and the creation of supervisory, regulatory and enforcement policy in the area of financial crimes. Prior to her new role, Lemire served as Assistant United States Attorney in the Southern District of New York where she investigated complex federal crimes, and as a prosecutor in the Manhattan District Attorney’s Office.
CFPB fines student loan servicer $3.9 million for unfair practices
On May 1, the CFPB announced a $3.9 million settlement with a student loan servicing company. The settlement resolves allegations that the company engaged in unfair practices by failing to make adjustments to loans made under the Federal Family Education Loan Program to account for circumstances such as deferment, forbearance, or entrance into the Income-Based Repayment (IBR) program. According to the consent order, between 2005 and 2015, certain accounts requiring manual adjustments to principal loan balances based on program participation were allegedly placed in “queues” to process the adjustments, which took, in some cases, years to process. The servicer allegedly did not inform affected borrowers that it did not complete the processing of their principal balances associated with the deferment, forbearance, or IBR participation. The queues allegedly resulted in some borrowers paying off incorrect loan amounts and other borrowers experiencing delays in loan consolidation while waiting for the servicer to adjust principal balances. In addition to the $3.9 million civil money penalty, the consent order requires the servicer to make the proper adjustments to the principal balances of the affected accounts or pay restitution to borrowers who paid off loans with inaccurate loan balances. The servicer is also required to comply with certain compliance monitoring, reporting, and recordkeeping requirements.
Democratic senators concerned with CFPB retiring HMDA search tool
On April 29, nine Democratic Senators, led by Sherrod Brown (D-Ohio), wrote to the CFPB expressing “deep concern” regarding the Bureau’s plan to retire its tools for public exploration of HMDA data—HMDA Explorer Tool and the Public Data Platform API. In the letter, the Senators argue that retiring the tools with no plan for adequate replacements “threatens to undermine the statutory purposes of HMDA and does not live up the commitments to transparency and accountability” that Director Kraninger promised to uphold during her nomination hearing. The Senators cite to the Bureau’s decision to move the Office of Fair Lending and Equal Opportunity from the Supervision and Enforcement section to the Office of the Director and argue that “[r]reductions in available data and its accessibility, combined with weakened [fair lending] enforcement, is a disservice to the consumers the CFPB was created to protect.” The letter urges the CFPB to reverse course and requests that the Bureau provide a “detailed briefing” on the decision by May 10.
In the notice regarding the tools’ retirement, the Bureau states that the FFIEC “will publish a query tool for the 2018 data in the coming months.”