Wednesday, October 18, 2017

OCC and CFPB disagree over arbitration rule

By Andrew A. Turner, J.D.

The Office of the Comptroller of the Currency has reviewed a working paper that the Consumer Financial Protection Bureau relied on in formulating its final rule prohibiting mandatory arbitration agreements and concluded that the arbitration rule will increase costs of credit cards. Meanwhile, CFPB Director Richard Cordray has responded to criticism questioning the impact of the rule on consumers and financial institutions.

The working paper by Alexei Alexandrov, “Making firms liable for consumers' mistaken beliefs: theoretical model and empirical applications to the U.S. mortgage and credit card markets,” finds a strong probability of a significant increase in the cost of credit cards as a result of eliminating mandatory arbitration clauses.

Final rule. The Bureau issued a final rule prohibiting mandatory arbitration agreements for credit cards and certain other financial products with the stated rational being that eliminating mandatory arbitration clauses in contracts for certain financial products introduces a financial liability for financial service providers in the form of a potential increase in class action lawsuits. According to the CFPB, this additional financial liability may lead to greater compliance by financial institutions and make consumers more likely to obtain relief in the event of a dispute.

As part of its arbitration study, the CFPB reported that it did not find any statistically significant evidence of increases in the cost of credit to consumers associated with banning mandatory arbitration in credit card markets.

Working paper. Alexandrov constructed a model to show circumstances in which introducing a financial liability on firms can improve social welfare and consumer surplus. He then conducted statistical analysis of credit card data to estimate price increases. While he found the results of his analysis were statistically insignificant and he could not reject the hypothesis that there were no costs to consumers, Alexandrov was careful to point out that he could not rule out economically significant costs.

OCC findings. The OCC has analyzed and verified the Alexandrov results that were summarized by the CFPB in their arbitration study and discuss potential increased costs to consumers from eliminating mandatory arbitrage clauses. Given the substantial costs to financial firms estimated by the CFPB, one would expect some of these costs to be passed on to consumers or the availability of certain financial services products to decline where costs could not be recouped. The OCC has confirmed Alexandrov’s results using his assumptions and specification and elaborated on his comments about the economic significance of introducing additional financial liability in credit card markets. Consumers face significant risk of a substantial rise in the cost of credit.

According to Alexandrov, the CFPB, and OCC, the magnitude of the effect on pricing is uncertain, but there is a high likelihood that the total cost of credit will increase. However, this analysis does not explore the potential effect on consumer payments, their ability to pay the higher cost, and the potential for an increase in delinquencies, or changes in the availability of certain financial products intended to meet the financial needs of consumers.
CFPB defense of arbitration rule. The CFPB argues that it issued a rule that prevents financial companies from using arbitration clauses to deny groups of consumers the ability to pursue their legal rights in court after conducting a comprehensive study that found that arbitration clauses were effectively blocking billions of dollars of relief for millions of harmed consumers. Cordray authored a column, The truth about the arbitration rule is it protects American consumers, in The Hill on October 16, responding to Noreika's October 13 column, Senate should vacate the harmful consumer banking arbitration rule.

Cordray also defended the rule in a letter to U.S. Senator Sherrod Brown (D-Ohio), which included a review by the CFPB's Office of Research.

For more information about the CFPB's rule on mandatory arbitration clauses, subscribe to the Banking and Finance Law Daily.

Tuesday, October 17, 2017

Bureau charges debt assistance companies ‘lied to line their pockets’

By Katalina M. Bianco, J.D.

The Consumer Financial Protection Bureau has filed suit against two companies, Federal Debt Assistance Association, LLC, and Financial Document Assistance Administration, Inc., both companies operating as FDAA; their stated parent company and service provider Clear Solutions, Inc.; and their owners for deceiving consumers and violating the Consumer Financial Protection Act (12 U.S.C. §§ 5531(a), 5536(a)), and the Telemarketing Sales Rule (16 CFR Part 310). According to the Bureau’s complaint, FDAA falsely represented the company as being affiliated with the federal government and falsely promised to eliminate consumers’ debts and improve their credit scores for thousands of dollars in advance fees.

"FDAA and its owners lied to financially vulnerable consumers to line their pockets with cash," said CFPB Director Richard Cordray. "Today’s lawsuit seeks to stop these deceptive practices, impose civil money penalties, and return to cheated consumers the fees they paid to these companies."

FDCPA. According to the complaint, FDAA promised to eliminate consumers’ unsecured debts and improve their credit scores, primarily by using the debt-verification process set out in the Fair Debt Collection Practices Act. However, the companies’ debt validation programs "were merely debt-management programs that misled consumers about the results that could be achieved under the FDCPA’s debt-verification process."

Failure to disclose. The complaint alleges that FDAA failed to make proper disclosures about not paying debts. FDAA instructed consumers to stop making payments on the debts enrolled in their program. However, they failed to disclose that not making payments may result in the consumer being sued by creditors or debt collectors and may increase the amount of money the consumer owes due to the accrual of fees and interest, according to the complaint.

Advance fees. The CFPB charged that FDAA took illegal advances for debt-relief and credit-repair services without achieving certain results, a violation under the TSR. It is a violation of the TSR for any seller or telemarketer to request or receive payment of any fee or consideration for goods or services represented to remove derogatory information from, or improve, a person’s credit history, credit record, or credit rating until and unless:

  • the time frame in which the seller has represented all of the goods or services will be provided to that person has expired; and
  • the seller has provided the person with documentation in the form of a consumer report from a consumer-reporting agency demonstrating that the promised results have been achieved.
Relief. The CFPB’s complaint seeks monetary relief, injunctive relief, and civil money penalties.
For more information about CFPB enforcement actions, subscribe to the Banking and Finance Law Daily.

Friday, October 13, 2017

CFPB kicks rulemaking into high gear

By Katalina M. Bianco, J.D.

The Consumer Financial Protection Bureau has released a flurry of rulemaking in the past few weeks. The Bureau adopted the much-anticipated short-term, small-dollar loan regulation this month. The focus of the rule is loans that require full or nearly full repayment at one time, such as payday loans, vehicle title loans, and deposit advance products, although some longer-term loans that have balloon payment features also are covered under the rule. Most of the rule, which is based on last year’s proposal, will take effect 21 months after it is published in the Federal Register.

According to the Bureau, the rule:
  • establishes a full-payment test for installment loans to ensure that consumers can afford their payments and still meet their basic living expenses and major financial obligations;
  • limits to three the number of loans that can be made in close succession (while a prior loan is outstanding or within 30 days after a prior loan is repaid);
  • creates an exception to the full-payment test for very small loans if the lender offers a way the consumer can get out of debt more gradually;
  • creates a separate exemption for loans that pose less risk for consumers; and
  • prevents lenders that make short-term loans, balloon-payment loans, and longer-term loans with an annual percentage rate of more than 36 percent from continuing to attempt to debit consumer accounts for payments after two consecutive failures.
The Bureau provided a factsheet that summarizes the rule.
Mortgage servicers. The CFPB has issued an interim final rule intended to provide mortgage servicers with clearer and more flexible standards for providing modified written early intervention notices to borrowers who have invoked their cease communication rights under the Fair Debt Collection Practices Act, with rule amendments that become effective on Oct. 19, 2017.
The Bureau also has proposed amendments to clarify timing requirements for servicers to transition to providing modified or unmodified periodic statements and coupon books to consumers in connection with their bankruptcy case.
ECOA rulemaking. Late last month, the CFPB modified Equal Credit Opportunity Act regulations in order to provide greater clarity for mortgage lenders regarding their obligations in collecting consumer ethnicity and race information, while promoting compliance with rules intended to ensure consumers are treated fairly.
The Bureau’s amendments would allow mortgage lenders to adopt application forms that include expanded requests for information regarding a consumer’s ethnicity and race as they will no longer be required to maintain different practices depending on their loan volume or other characteristics.

The Bureau also finalized additional amendments to facilitate compliance with Reg. B’s requirements for the collection and retention of information about the ethnicity, race, and sex of applicants seeking certain types of mortgage loans.
The rule amendments are effective on Jan. 1, 2018, except that the amendment to Appendix B removing the existing “Uniform Residential Loan Application” form in amendatory instruction 6 is effective Jan. 1, 2022.
For more information about the latest CFPB rulemaking, subscribe to the Banking and Finance Law Daily

Tuesday, October 10, 2017

OCC’s Noreika touts online lending opportunities, responsibilities at policy summit

By Thomas G. Wolfe, J.D.
Speaking at the 2017 Online Lending Policy Summit in Washington, D.C., Acting Comptroller of the Currency Keith Noreika contrasted his viewpoint with that of some pundits who see the growth of the online lending industry in recent years as a response to the lack of agility of the nation’s conventional banking system. “I do not share that view,” Noreika stated. “I see the growth of online lending and marketplace lenders as the natural evolution of banking itself.” In his prepared remarks for the September Summit, Noreika outlined the ways in which the Office of the Comptroller of the Currency promotes economic opportunity and responsible innovation. “Too often regulatory burden gets in the way of economic opportunity,” he asserted.
Noreika noted that the Summit and similar events “play an important role in informing national policymakers of what the industry needs to provide safe and sound products and services to customers across the country and to unleash their potential to promote economic opportunity.”
Online lending. According to facts and figures relayed by the Acting Comptroller, marketplace lenders have originated about $40 billion in consumer and small business loans in the United States during the past decade. Moreover, online lending “has doubled every year since 2010.” While industry analysts vary somewhat on how high the ceiling is, “some analysts suggest that the market will reach nearly $300 billion by 2020, and others suggest as much as $1 trillion by 2025.”
At the same time, Noreika observed the challenges facing the online lending industry despite its rapid growth. “It remains to be seen how online lending companies … will perform under stress,” he said. “That’s part of a maturing business, and risk is part of economic opportunity. Success requires adapting to new market conditions and effectively managing evolving risks.”
OCC’s efforts. Noreika observed that innovation not only comes from within the banking industry, it also comes from private companies outside the system as well. Pivoting to the OCC’s work to “to promote economic opportunity and responsible innovation,” Noreika underscored that:
  • since 2015, the OCC has “published practical guiding principles, held a public forum, and established a framework for supporting responsible innovation;”
  • the OCC’s Office of Innovation “serves as a clearinghouse for innovation-related matters and a central point of contact for OCC staff, banks, nonbank companies, and other industry stakeholders;”
  • through “regulatory sandboxes” and “bank pilot” programs, the OCC not only fosters responsible innovation, the OCC also increases its own knowledge and understanding of innovative products, services, and technologies;
  • the OCC supports the chartering of “fintech companies that want to become national banks;”
  • there is increasing interest in the OCC possibly offering special-purpose national bank charters to “nondepository fintech companies engaged in the business of banking;”
  • Noreika and the OCC have sought ways in which to lessen the regulatory burden on the online lending industry; and
  • Noreika personally “added his voice to the chorus in letters to Congress denouncing Operation Chokepoint.”
Banks’ responsibility. According to Noreika, “Banks make the decisions to retain or terminate customer relationships, not the regulators, and not the OCC.” Accordingly, banks have a responsibility to provide “fair access and fair treatment,” he emphasized. “If the system fails to provide fairness to all, it cannot be a source of strength to any,” he stated.
For more information about how federal and state regulators view technological developments and innovations taking place in the financial services marketplace, subscribe to the Banking and Finance Law Daily.

Thursday, October 5, 2017

FSOC rescinds AIG’s SIFI designation

By Andrew A. Turner, J.D.

The Financial Stability Oversight Council has decided that American International Group, Inc., LLC, is no longer in financial distress and therefore not a threat to U.S. financial stability. As a result, the Council rescinded AIG’s designation as a systemically important financial institution, and the company will not be subject to supervision by the Federal Reserve Board and enhanced prudential standards.

The Council approved the rescission of AIG's designation by a six-to-three vote with one member being recused. Richard Cordray, Director of the Consumer Financial Protection Bureau, Martin J. Gruenberg, Chairman of the Federal Deposit Insurance Corporation, and Melvin L. Watt, Director of the Federal Housing Finance Agency, voted against the rescission. A Treasury Department document provides the views of seven of the members of the Financial Stability Oversight Members.

"The Council has worked diligently to thoroughly reevaluate whether AIG poses a risk to financial stability," Treasury Secretary Steven T. Mnuchin said. "This action demonstrates our commitment to act decisively to remove any designation if a company does not pose a threat to financial stability."

AIG President and Chief Executive Officer Brian Duperreault stated that the Council’s decision “reflects the substantial and successful de-risking that AIG’s employees have achieved since 2008” and that the company “is committed to continued vigilant risk management and to working closely with our numerous regulators to enable a strong AIG to continue to serve our clients.”
Additional review needed, says Watt. Dissenting from the decision, Watt believed the FSOC should have conducted an independent review of AIG to determine whether “the nature, scope, size, scale, concentration, interconnectedness, or mix of activities” of AIG could pose a threat to the financial stability of the United States.
Under Section 113 of the Dodd-Frank Act, the FSOC may determine that a nonbank financial company will be supervised by the Federal Reserve Board and be subject to prudential standards if it determines that:
  1. material financial distress at the nonbank financial company could pose a threat to the financial stability of the United States; or
  2. the nature, scope, size, scale, concentration, interconnectedness, or mix of activities of the nonbank financial company could pose a threat to the financial stability of the United States. 
According to Watt, the FSOC has never reviewed AIG under the second standard. Rather, the Council incorporated an evaluation of the factors required to be considered under the second standard into its evaluation under the first standard. Thus, Watt concluded that, if the Council determined that AIG no longer meets the criteria for designation under the first standard, an independent review and determination under the second standard is required before a decision can be appropriately made to rescind the designation. Watt called the Council’s decision without evaluating the second standard “premature and unwise.”
Gruenberg and Cordray: no material change. Gruenberg also disagreed with the decision because, in his view, nothing had materially changed since 2013 to diminish the concerns raised by the FSOC at that time. Gruenberg stated a “core basis” for the designation in 2013 was that AIG had a large volume of liabilities subject to discretionary withdrawal, and if the firm were in material financial distress, a large number of those liabilities could run within a short period of time, posing a threat to U.S. financial stability. The asset liquidation could have disruptive effects on the broader financial markets and impair financial market functioning, said Gruenberg.

“These issues remain the same today as they were in 2013. While there have been some reductions in certain exposures, there have been increases in others, most notably in the life insurance and annuity business. Nothing about the liquidity characteristics of AIG’s liabilities and assets has changed to diminish the concerns originally raised by the FSOC.”

Cordray added that he was on the Council at the time that it designated AIG in 2013, and nothing in the analysis on the issue of rescinding that designation changed his views. In Cordray’s opinion, AIG continues to pose a threat to the stability of the financial system and satisfies both standards under the test—material financial distress at AIG not only could pose, but actually does continue to pose, a threat to the financial stability of the United States, and the nature, scope, scale, concentration, interconnectedness, or mix of activities at AIG could pose a threat to the financial stability of the United States.

AIG today is not the AIG of yesterday. In contrast, J. Christopher Giancarlo, Chairman of the Commodities Futures Trading Commission, concluded that the AIG of today no longer meets the standard for SIFI designation. Giancarlo concluded that AIG’s debt-holders, derivatives counterparties, and market participants view the firm as a far less significant credit risk than it was in 2013. Giancarlo also argued AIG does not meet the standard for SIFI designation because “AIG does not have systemically important ties to other large financial institutions.”

Similarly, while J. Mark McWatters, Chairman of the National Credit Union Administration, called the AIG of 2008 “a basketcase” and “the proverbial poster child for ill-conceived business plans, internal control systems, and risk-management protocols,” he concluded that “AIG is a different company today.”

Calling on his experience as “a commercial finance, M&A, and tax attorney with a CPA license,” McWatters said he had “thoughtfully analyzed” the financial statements, recommendations, data, and other reports, and concluded that AIG no longer poses a systemic risk to the financial system. “I remain confident that AIG, if presented to this Council as, say, Company X, would not receive a SIFI designation today,” said McWatters.

Likewise, concurring with the decision to rescind AIG’s SIFI determination, independent member S. Roy Woodall, Jr. wrote that the AIG of 2016 is “a different organization, approximately half the size it was at the time of the financial crisis and, therefore, no longer satisfies the first determination standard under which it was designated.”

Continued monitoring recommended. Notably, Woodall also said he remained concerned with some of AIG’s activities, especially those relating to annuities with guaranteed features. Although Woodall did not believe the activities would justify continuing to regulate AIG as a SIFI, he felt the activities should continue to be monitored from a macro-prudential perspective.

While Woodall noted also that that state insurance regulators are recognized as the primary financial regulators of insurance activities and that they have enhanced their regulatory capabilities since the financial crisis, he recommended that the Council closely monitor state regulatory developments.

Noreika questions FSOC’s authority. Keith A. Noreika, Acting Comptroller of the Currency, questioned the authority of the FSOC to designate individual nonbank companies for bank-like regulation. “I am concerned that by picking institutions from among similarly situated competitors within the same industry and labelling one systemically important and not the other, we may adversely affect the competitive environment in unfair and arbitrary ways,” said Noreika.

Noreika criticized the process as “politicized” and said it “invariably forces the Council to pick ‘winners and losers’ from among firms in a competitive industry.”

For more information about financial stability issues, subscribe to the Banking and Finance Law Daily.

Wednesday, October 4, 2017

Senators urge Fed to act on opioid crisis

By J. Preston Carter, J.D., LL.M.

Senators Sherrod Brown (D-Ohio), ranking member of the Senate Banking Committee, and Joe Donnelly (D-Ind), member of the Senate Banking Committee, sent a letter to Federal Reserve Board Chair Janet Yellen, urging the Fed to explore and devote resources to supplement federal government efforts to combat the nation’s opioid epidemic.

The letter referred approvingly to the Administration’s Commission on Combating Drug Addiction and the Opioid Crisis, but stated that the opioid epidemic is not just a public health and law enforcement matter: "This is an economic matter." The letter cited Yellen’s comments at a committee hearing on July 13, 2017, in which she said, "I do think it [opioid addiction epidemic] is related to the decline in labor force participation among prime-age workers."

The Senators believe the Fed, including the research departments at the Board and regional Reserve Banks, can help policymakers better understand the impact of the opioid epidemic on labor force participation rates, full employment, and on overall economic activity in communities. They added that the community development and business outreach functions of the Federal Reserve System can also engage businesses to look for solutions in their communities. Therefore, Brown and Donnelly are asking the Fed to further research this area in order to formulate policy responses to reduce and prevent further opioid use.

For more information about activities of the Federal Reserve Board, subscribe to the Banking and Finance Law Daily.

Tuesday, October 3, 2017

OCC, New York spar over agency authority to charter fintechs

By Richard A. Roth, J.D.

A motion to dismiss by the Office of the Comptroller of the Currency and an opposing memorandum by New York’s Department of Financial Services lay out the two sides’ positions in a suit challenging the OCC’s ability to grant national bank charters to companies that do not accept deposits. In its motion to dismiss Vullo v. OCC, the agency asserts that New York has no current right to try to block the charters and that it has the right to grant them. The state responds that it has standing to sue, its legal challenge is ripe for decision, and the agency is exceeding its authority under the National Bank Act.

The state and the OCC are arguing over whether the OCC can grant national bank charters to fintech companies—broadly, companies that use innovative technology to provide financial products and services to customers. The agency has made clear, through papers, proposals, and speeches by officials, that it believes it has the legal right to issue charters and is considering doing so. As part of its public statements, the OCC also has said that it wants chartered fintech companies to engage in banking activities other than accepting deposits.

New York asserts that the OCC has reached a final decision that it will grant charters. The state also argues that, under the NBA, the OCC can charter institutions only if they engage in the business of banking, and accepting deposits is an essential part of that business. One of the state’s concerns is that the OCC will use fintech national bank charters to preempt state laws governing nondepository financial services companies that traditionally have been under state, not federal, authority.

Final agency action. A threshold question is whether the OCC has taken a final action that is subject to judicial review. What New York characterizes as a decision to grant charters is merely “a collection of non-final policy statements and solicitations for input from the public,” the OCC asserts. The agency says it has not completed its decision-making process, and no legal consequences have resulted from anything it has done. That means there has been no final agency action, so there is nothing to review.

New York makes much of the OCC’s statement in a March 2017 notice that the agency had “reached this decision for a number of reasons.” It had “reached this decision” after publishing a white paper and then reviewing and responding to more than 100 public comments. The fact that the OCC still is soliciting comments on how it will implement its decision to grant charters does not affect that the decision to do so has been reached, the state asserts.

The OCC’s assertion that its interpretation of the NBA is entitled to judicial deference under Chevron U.S.A., Inc. v. Natural Resources Defense Council, Inc., 467 U.S. 837, 842 (1984) shows that there are legal consequences that render the agency’s action final, the state adds.

Jurisdictional impediments to suit. The OCC argues that the federal district court does not have the jurisdiction even to consider the merits of the state’s suit. According to the agency, the state has not suffered an injury in fact, the issue is not ripe for judicial consideration, and any challenge to the relevant regulation is time-barred. Unsurprisingly, New York disagrees.

The OCC asserts that any injury the state might suffer is “future-oriented and speculative,” not actual or imminent. There will be no actual harm unless and until a charter actually is granted. This means the state does not have standing to sue, according to the agency.

The state replies that its standing is clear. The New York Department of Financial Services enforces state laws, and the OCC has decided to preempt those laws by granting national bank charters. This diminution of the state’s sovereignty establishes its standing to sue.

Even if New York has an injury in fact, the dispute is not ripe for decision, the OCC also says. The agency claims that it has not yet decided whether to charter fintech companies, and waiting until a decision is made will not cause a hardship for the state. New York counters that the extent of the OCC’s authority is a purely legal question that is “eminently fit for judicial review.”

What is the business of banking? The ultimate issue likely is what activities constitute the business of banking. Generally, the core business of banking is seen as three activities: taking deposits, paying checks (or processing other types of payments), and extending credit. New York views taking deposits as essential, while the OCC does not.

Federal law does not offer a precise definition of “the business of banking.” According to the OCC, that makes the NBA’s use of the phrase ambiguous. Under Chevron, the agency’s reasonable interpretation of the ambiguous phrase is entitled to judicial deference, and the agency’s interpretation is that deposit-taking is not required. Similarly, the agency has a broad authority to grant charters to companies that engage in some, but not all, banking activities. Perhaps performing only one of the core activities would suffice, the OCC’s motion suggests.

In reply, New York argues that the NBA is not ambiguous, at least as far as chartering decisions. The business of banking must include taking deposits. This is demonstrated by the structure of the NBA and by the broader scheme of the federal banking laws. In particular, the state points out, the Bank Holding Company Act defines “bank” in a way that requires the company to accept deposits.

Moreover, even if “business of banking” is ambiguous, the OCC’s interpretation in the contest of chartering is unreasonable, New York asserts.

For more information about fintech chartering, subscribe to the Banking and Finance Law Daily.

Monday, October 2, 2017

Fed fines HSBC $175M for failing to detect FX traders’ misdeeds

By Lisa M. Goolik, J.D.

The Federal Reserve Board has fined HSBC Holdings plc, London, U.K., and HSBC North America Holdings Inc., New York, N.Y., $175 million for deficiencies in HSBC's supervision of foreign exchange (FX) traders. The Fed said the firm “fail[ed] to detect and address its traders misusing confidential customer information, as well as using electronic chatrooms to communicate with competitors about their trading positions.” The Fed also ordered HSBC to improve its controls and compliance risk management concerning the firm's FX trading.

Coordinated FX trading. In 2014, the Commodity Futures Trading Commission, along with the Office of the Comptroller of the Currency and other federal regulators, ordered five banks—including HSBC—to pay fines ranging from $275 million to $310 million each for trying to manipulate the global FX benchmark rates to benefit the positions of certain traders.

FX traders used private electronic chat rooms to coordinate their attempts to manipulate the FX benchmark rates for certain currency pairs, including the U.S. Dollar, Euro, and British Pound Sterling. They shared confidential customer order information and trading positions, changed trading positions to accommodate the interests of the collective group, and agreed on trading strategies as part of an effort by the group to attempt to manipulate certain FX benchmark rates. In some cases they pushed the rates downward, and in some cases upward.

HSBC traders charged. The Fed subsequently barred two former senior managers, Mark Johnson and Stuart Scott, from employment in the banking industry following their criminal indictment for wire fraud connection with their trading activities at HSBC. The individuals were charged with making multiple misrepresentations to an FX client of HSBC in connection with a large pre-arranged currency transaction. The OCC took similar action to bar Johnson from employment.

The Fed’s fine against HSBC addresses the firm’s deficient policies and procedures that prevented it from detecting and addressing unsafe and unsound conduct by its FX traders, including Johnson and Scott.

For more information about Fed enforcement actions, subscribe to the Banking and Finance Law Daily.

Tuesday, September 26, 2017

Justice Department won’t challenge TCH’s proposed ‘real time payment system’

By Thomas G. Wolfe, J.D.

In a business review letter to counsel for The Clearing House Payments Company LLC (TCH), Andrew Finch, Acting Assistant Attorney General in charge of the Justice Department's Antitrust Division, states that the Justice Department has no present intention to take enforcement action against TCH for its proposal to create and operate a new payment system that will enable real-time transfers of funds between depository institutions. At the same time, while the Sept. 21, 2017, letter acknowledges the commendable objectives and procompetitive benefits of TCH’s proposed “Real Time Payment” (RTP) system, the Justice Department “reserves the right to challenge RTP in the future if RTP’s operations are determined to be anticompetitive in purpose or effect.” This business review letter is the first from the new administration.

TCH, a joint venture owned by 24 of the largest banks in the United States, has proposed a new “payment rail” that is faster than current payment rails, which include wire, automated clearing house (ACH), and check clearing house systems. According to a Justice Department release, TCH has represented that “RTP will not interfere with the continued use and operation of existing payment rails.” As observed by the Justice Department’s letter, TCH and the Federal Reserve System “are the only operators of the U.S. wire and ACH rails, with TCH processing roughly half of the volume of each rail.”

RTP proposal. The RTP proposal by TCH would allow banks to complete “near-instantaneous fund transfers between each other, from authorization to clearing to settlement,” at any time of the day, on any day of the week—including weekends and banking holidays. Not only will RTP facilitate real-time fund transfers between end users, RTP also will provide banks and end users with the ability to send “remittance-advice messages,” facilitating end users’ linkage of payments to remittance information.

TCH will not be involved in the development or pricing of real-time fund-transfer services that banks offer to their end-user customers who use RTP, and payment service providers will be able to connect to RTP by “partnering with banks and complying with certain rules, such as a requirement to post a surety bond.” While RTP will charge two kinds of usage fees—a network fee and a request-for-payment incentive fee—TCH has represented that it “will not impose anti-steering rules.”

Justice Department’s analysis. Based on available information and TCH’s representations about the proposed RTP system, the government determined that:
  • the development of the RTP system may yield procompetitive benefits;
  • many other countries already have a system like RTP;
  • the Federal Reserve System has encouraged TCH’s development of the RTP system in the United States;
  • RTP may increase the variety of payment rails available to banks, payment service providers, and ultimately their end user customers;
  • while there is a concern that many “collaborations of significant competitors,” such as TCH, have some potential to harm competition, TCH's current proposal does not appear to “limit rivals’ ability to access RTP in a way that appears to be anticompetitive;”
  • while there is some concern that TCH retains the right to “change its rules at any time” and has “complete discretion over enforcement and implementation decisions,” the Justice Department has no reason to believe that TCH will use RTP to harm the rivals of the TCH owner banks; and
  • to the extent that any anticompetitive effects arise in the future, they would be balanced against RTP’s procompetitive benefits “under the rule of reason.”
Recognizing that the proposed RTP system has the potential to offer improved services to banks, businesses, and consumers, the Justice Department concluded that it “has no present intention to take antitrust enforcement action against TCH’s proposed conduct.”

For more information about business review letters and related actions by the Justice Department affecting the financial services industry, subscribe to the Banking and Finance Law Daily.

Thursday, September 21, 2017

New York urges financial institutions to protect consumer data following Equifax breach

By J. Preston Carter, J.D., LL.M.

The New York Department of Financial Services (DFS) has issued guidance urging New York State chartered and licensed financial institutions to take immediate action and consider precautions to protect consumers in light of the recent cybersecurity attack at Equifax. The information accessed by hackers includes names, Social Security numbers, birth dates, addresses, and, in some cases, drivers’ license numbers. The guidance supports the DFS’s first-in-the-nation cybersecurity regulation (23 NYCRR 500), which went into effect on March 1, 2017, and requires banks, insurance companies, and other financial services institutions regulated by the DFS to establish and maintain a cybersecurity program designed to protect consumers and ensure the safety and soundness of New York State’s financial services industry.

"The scope and scale of this cyber attack is unprecedented and DFS is prepared to take all actions necessary to protect New York’s consumers and financial markets," DFS Superintendent Maria T. Vullo said. "Given the seriousness of this breach, the potential harm to consumers and our financial institutions, and in light of the fact that a number of financial institutions have arrangements with Equifax under which financial institutions provide consumer account and debt information to Equifax and receive similar information from Equifax, DFS is issuing this guidance to ensure that this incident receives the highest level of attention and vigilance at New York’s regulated institutions."
The DFS is asking all New York State chartered and licensed financial institutions to consider the following:
  • ensure that all information technology and information security patches have been installed;
  • ensure that appropriate ID theft and fraud prevention programs are in place;
  • confirm the validity of information contained in Equifax credit reports before relying on them;
  • if appropriate, consider a customer call center for customers to call in and inform the institution if their information has been hacked; and
  • if the institution provides consumer or commercial related account and debt information to Equifax, ensure that the terms of the arrangement receive a very high level of review and attention to determine any potential risk associated with the continued provision of data.
For more information about cybersecurity for financial institutions, subscribe to the Banking and Finance Law Daily.

Wednesday, September 20, 2017

CFPB issues first no-action letter addressing alternative data for lending decisions

By Andrew A. Turner, J.D.

The Consumer Financial Protection Bureau has issued it’s first-ever no-action letter to a company that uses alternative data in making credit and pricing decisions. The company agreed to a number of conditions designed to mitigate risks to consumers. This action comes as the Bureau continues to explore the use of alternative data to help make credit more accessible and affordable for consumers who are credit invisible or lack sufficient credit history.

Under the letter, the company, Upstart Network, Inc., must regularly report lending and compliance information to the CFPB to aid the CFPB’s understanding of the real-world impact of alternative data on lending decision-making. The no-action letter signifies that the Bureau currently has no intent to initiate supervisory or enforcement actions against Upstart.

Upstart is based in San Carlos, Calif., and provides an online lending platform for consumers to apply for personal loans, including credit card refinancing, student loans, and debt consolidation. The company evaluates consumer loan applications using traditional factors such as credit score and income, as well as incorporating non-traditional sources of information such as education and employment history.

The no-action letter applies to Upstart’s model for underwriting and pricing applicants as described in the company’s application materials. The no-action letter is specific to the facts and circumstances of Upstart and does not serve as an endorsement of the use of any particular variables or modeling techniques in credit underwriting.

Sharing of information. Under the terms of the letter, Upstart will share certain information with the CFPB regarding the loan applications it receives, how it decides which loans to approve, and how it will mitigate risk to consumers, as well as information on how its model expands access to credit for traditionally underserved populations. According to the CFPB, this information will further its understanding of how these types of practices impact access to credit generally and for traditionally underserved populations, as well as the application of compliance management systems for these emerging practices.

Alternative data. The CFPB is currently exploring ways that alternative data may be used to improve how companies make lending decisions. In February, the CFPB launched an inquiry into the use of alternative data sources in order to evaluate creditworthiness and potentially expand access to credit for consumers with limited credit history. The Bureau provides examples of alternative data, including: bill payments for mobile phones and rent; electronic transactions such as deposits and withdrawals; and other information that may be less closely tied to a person’s financial conduct. This inquiry also looked at the use of emerging technologies for underwriting, such as the expanded use of machine learning to potentially identify new insights and improve decisions in the credit process.

No-Action letter policy. The goal of the CFPB’s no-action letter program is to facilitate consumer-friendly innovations where regulatory uncertainty may exist for certain emerging products or services. Under the policy, companies can apply for a statement from Bureau staff on an innovative product or service that offers the potential for significant consumer benefit where there is substantial uncertainty about whether or how specific provisions of law would be applied. The CFPB’s Project Catalyst, an initiative designed to encourage consumer-friendly developments in the consumer financial marketplace, facilitates the no-action letter program as part of its work to support marketplace innovation. 

For more information about CFPB supervision of lending issues, subscribe to the Banking and Finance Law Daily.

Tuesday, September 19, 2017

Attorney, structured settlement buyers fend off most of CFPB suit

By Richard Roth, J.D.

Three related companies that bought structured settlements from consumers, three individuals who controlled the companies, and an associated attorney have convinced a U.S. district judge to dismiss four of the Consumer Financial Protection Bureau’s five claims that their business activities included unfair, deceptive, or abusive acts or practices. However, the judge rejected their argument that state-court litigation and a state regulatory scheme called for the federal court to decline jurisdiction and left standing one abusive acts or practices claim against the companies and controlling individuals (CFPB v. Access Funding, LLC).

The CFPB sued Access Funding, LLC, its holding company Access Holding, LLC, and the funding company’s successor Reliance Funding, LLC, (referred to as “Access”) claiming that the companies’ structured settlement factoring activities used unfair, deceptive, or abusive acts or practices to induce consumers to sell their structured settlements for lump-sum payments. The Bureau’s specific charges include that the companies misrepresented that advances paid to consumers obligated them to complete the sales and that the attorney was giving them independent professional advice.

The Bureau’s allegations about the attorney’s conduct perhaps are particularly disturbing. According to the judge’s summary of the charges, the attorney was held out as an independent professional advisor, while his services in fact were arranged and paid for by Access. Access would tell the attorney when to call each consumer and instruct him to place the call on a prepaid cell phone that Access arranged to have delivered to the consumer. The attorney’s independent professional advice consisted of little more than reading the contract to the consumer and then asking the consumer if he understood. The attorney then sent each consumer an affidavit for signature stating that the consumer had been advised to seek independent professional advice, had done so, and chose to proceed with the sale. Access paid Smith $200 for each transaction, the CFPB claims.

The Bureau’s complaint included three counts against Smith, one each alleging unfair practices, deceptive practices, and abusive practices. The fourth count charged that Access and the individuals who controlled the companies substantially assisted the attorney. The final count alleged that Access and the controlling individuals used abusive practices to coerce consumers to complete sales.

Jurisdiction. The judge’s first task was to decide whether he had jurisdiction over the Bureau’s suit. Access and the individuals raised three objections to the judge’s jurisdiction, but he rejected all three.

First, the judge said it was not appropriate for him to abstain from exercising jurisdiction due to the state of Maryland’s activities. Abstention is appropriate in a limited number of situations under Burford v. Sun Oil, 319 U.S. 315 (1943), the judge said, but those situations were not present.

The case did not present any difficult questions about Maryland state law; in fact, it presented no state law questions at all. Neither would the case interfere with Maryland’s efforts to “establish a coherent policy with respect to a matter of substantial public concern,” the judge said. The Bureau’s suit would not interfere with the state’s law on the sale of structured settlements. Enforcing the Consumer Financial Protection Act’s UDAAP provisions was consistent with state law.

Second, prior Maryland court decisions about the attorney’s activities and the fairness of the structured settlement sales did not bind the federal court under the issue preclusion doctrine, the judge said. The state court decisions were not binding on the CFPB because it was neither a party nor in privity with a party and therefore had never had a fair chance to be heard.

Third, because the Bureau was not in privity with a party to the state court litigation, its suit was not a prohibited collateral attack on the state court decisions, the judge decided.

Was attorney subject to the act? The Consumer Financial Protection Act does not apply to everyone. Rather, it applies to a “covered person.” The Act defines a “covered person” as one who “engages in offering or providing a consumer financial product or service,” and the attorney met that criterion, the judge determined.

Under the plain language of the CFPA, Smith was a covered person because he provided financial advisory services to consumers on individual financial matters. Whether to exchange structured settlement payments for a lump sum was an individual financial matter, and Smith advised consumers to complete the sales. The consumers’ affidavits swore that he acted as an independent professional advisor, the judge added.

Attorney exclusion. However, the CFPA excludes from coverage an attorney who was engaged in the practice of law, the judge continued. That shielded the attorney from the Bureau’s suit.

Smith’s activities, as described by the CFPB, were acting as an independent professional advisor. That included telling consumers about the legal implications of selling their structured settlements. The Bureau conceded that he was a licensed attorney. As a result, he was protected by the practice of law exclusion.

The Bureau’s claims about the perfunctory nature of Smith’s services were relevant to their quality, not their nature. “Bad legal advice is still legal advice,” the judge noted.

Neither of the two exceptions from the practice of law saved the CFPB’s case, the judge continued. The financial advice the attorney offered was at least incidental to his legal advice, and it was within the scope of an attorney-client relationship.

Since Smith was protected by the practicing attorney exclusion, none of his activities could have violated the CFPA, the judge concluded. That meant the companies and the controlling individuals would not have violated the CFPA by assisting him.

Advances and abusive practices. The Bureau’s remaining claim was that Access and the controlling individuals engaged in abusive practices by giving consumers advances against their buyouts and then using the resulting debt to coerce the consumers into completing the transactions. The Bureau’s complaint did adequately describe how that could have been abusive, the judge determined.

According to the companies, there was nothing abusive about expecting a consumer who changed his mind about the sale to repay the advance. However, the Bureau had alleged more than that, the judge observed. Consumers who changed their minds but could not repay advances were told they were obligated to complete the sale even if they believed it was not in their best interests. The CFPB also claimed that consumers did not understand the nature of the advances or that they actually were not obligated to complete the sales. If proved, that would be abusive, the judge said.

For more information about CFPB enforcement activities, subscribe to the Banking and Finance Law Daily.

Monday, September 18, 2017

Congress looks for hearings, documents on Equifax data breach

By Colleen M. Svelnis, J.D.

Democrats and Republicans from both the House of Representatives and the Senate are calling for investigations into the massive data breach revealed by Equifax, and proposed legislation is introduced into the Senate that intends to address issues arising from the breach. According to Equifax, the breach lasted from mid-May through July and compromised the personal information of up to 143 million Americans. The potential information accessed primarily included names, Social Security numbers, birth dates, addresses, and driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, may have been accessed. Equifax discovered the unauthorized access on July 29, 2017.

A bipartisan group of 37 senators are calling on key federal agency leaders to investigate reports that senior Equifax officials sold over $1.5 million in the company’s securities within days of its announcement of a cybersecurity breach. The letter was addressed to Securities and Exchange Commission Chairman Jay Clayton, U.S. Attorney General Jeff Sessions, and Acting FTC Chairman Maureen Ohlhausen. “We need answers, and I’m calling on leaders of the SEC, FTC, DOJ, and Senate Banking Committee to do just that. If there’s sufficient evidence to warrant criminal prosecution, it’s necessary to hold these executives accountable to the fullest extent of the law. Cybercrimes and identity theft are frightening and we also need to do everything we can to prevent such breaches to keep families safe,” stated Sen. Heidi Heitkamp (D-ND), one of the Senators who signed the letter.

Risk for further breaches?
Senator Elizabeth Warren (D-Mass) has launched a broad investigation into the causes of the breach, the response by Equifax, and possible next steps to address problems at credit reporting agencies and better protect consumers. Warren sent a letter expressing her concerns to Equifax, as well as the other major credit reporting agencies TransUnion and Experian. Warren wrote that Equifax failed to provide information describing exactly how the breach happened, and exactly how Equifax security systems failed. She lamented that Equifax’s “initial efforts to provide customers information did nothing to clarify the situation and actually appeared to be efforts to hoodwink them into waiving important legal rights.” In her letters to TransUnion and Experian, Warren asked for answers to questions to provide consumers “with clarity on the danger of identity theft in the aftermath of the Equifax breach,” and the public with information “about the risk of further data breaches, and to address concerns about the credit ratings industry as a whole.”

Warren has also sent a letter to the Federal Trade Commission and the Consumer Financial Protection Bureau on oversight actions prior to and following the breach; and to the Government Accountability Office to request a thorough investigation into consumer data security. In her letter to the FTC and CFPB, Warren requested details regarding when the agencies were informed of the breach, whether the credit reporting agencies were obligated “to report any information to your agencies, either prior to the public notice or after the public notice was sent,” what steps were taken to protect consumers, the number of inquiries of complaints the agencies received related to the breach, the investigative authority each agency has, and whether each agency has regulatory authority over credit reporting agencies.

Warren expressed concern in her letter to the GAO about the actions of credit reporting agencies, pointing out that Equifax obtains and uses “massive troves of data on millions of consumers, but consumers have little to no power over how this data is collected, how it is used, or how it is kept safe.” Warren requested that the GAO investigate the oversight of credit reporting agencies and provide an analysis of potential impact on major federal programs.

Wants hearing scheduled. Heitkamp and nine other Democratic senators on the Senate Banking, Housing and Urban Affairs Committee also sent a letter to Committee Chairman Mike Crapo (R-Idaho) requesting that the Banking Committee hold immediate hearings on the Equifax breach. The letter described the “additional issues” that have come to light that “further underscore the need for the committee’s attention,” including Equifax Chief Financial Officer selling nearly $2 million of stock five days after discovering the data breach, and the extreme delay between when Equifax discovered the breach, on July 29, and its public announcement of the breach, on September 7. The letter also mentioned the initial requirement that possible victims of the breach must waive their right to participate in class-action lawsuits in order to receive access to Equifax’s credit monitoring product, which has since been rescinded.

According to the letter, the magnitude of the breach “merits a thorough investigation and comprehensive review” by the committee. “We should accept nothing less than a full and transparent explanation of what went wrong, who is responsible, how to fix it, and how to prevent such catastrophes in the future.”

Documents requested by committee members. House Oversight and Government Reform Committee Chairman Trey Gowdy (R-SC) and House Science, Space, and Technology Committee Chairman Lamar Smith (R-Texas) have sent a letter to Richard Smith, Chairman and Chief Executive Officer of Equifax Inc., requesting documents and a briefing related to the recent data breach, which the letter states likely affected nearly half of the American population. The letter also noted that the breach “potentially exposes federal employees’ personally identifiable information” because Equifax helps conduct background checks and security clearances for government workers. The committee chairs requested a briefing by Equifax by September 28 in order to “better understand the ramifications of the breach for consumers and the federal government, the delay by Equifax in publicizing the breach, and any mitigating steps being taken by Equifax.” 

The letter also requested the following documents:

1) All documents and communications referring or relating to the breach(s) of personally identifiable information announced on Sept. 7, 2017, including, but not limited to, documents and communications to and from members of Equifax's corporate leadership.

2) All documents and communications referring or relating to the NIST Framework or other cybersecurity standards used by Equifax.

3) All documents and communications regarding federal contracts for credit and identity verification services and information technology security plans related to these contracts for the last three fiscal years.

4) All documents and communications referring or relating to the website “”

5) All documents and communications referring or relating to Equifax’s decision to publicize the data breach, the timing thereof, or any intervening actions the company took in response to or relating to the data breach between July 29, 2017, and Sept. 7, 2017.

For more information about data breaches, subscribe to the Banking and Finance Law Daily.

Thursday, September 14, 2017

Equifax removes arbitration clause from identity theft protection services

By Katalina M. Bianco, J.D.

Equifax has removed forced arbitration clauses from TrustedID, the company’s free credit monitoring and identity protection services offered to customers. The removal of the clauses comes in the wake of a data security breach that spurred heated response from legislators and consumer groups. Equifax announced on Sept. 7, 2017, that the breach occurred from mid-May through July and put millions of Americans at risk for identity theft.

Senator Sherrod Brown (D-Ohio), Ranking Member of the Senate Committee on Banking, Housing, and Urban Affairs, on September 8 had urged Equifax to remove the clauses. He responded to the removal of the clause by stating that while it is "a step in the right direction," Equifax’s corporate and affiliated websites still contain forced arbitration language and the company’s overall policy on arbitration "remains unclear." Equifax needs to clarify the terms of use for credit monitoring and identity theft services provided to data breach victims as well as clarifying their arbitration clause, the senator said.

"The fact that it took a public shaming to force Equifax to drop forced arbitration from TrustedID, is further proof why the Consumer Financial Protection Bureau’s rule is needed," Brown said. The CFPB’s final arbitration rule bans mandatory predispute arbitration clauses in consumer financial product contracts if those clauses prevent class actions.

Letter to Equifax. Sens. Catherine Cortez Masto (D-Nev) and Al Franken (D-Minn) and 18 of their colleagues, including Brown, on September 11 sent a letter to Equifax CEO Richard Smith "pressuring" him to "drop support for and use of forced arbitration agreements." The lawmakers also requested that Equifax explain its stance on the CFPB’s arbitration rule and the Republican-sponsored S.J. Res. 47, a resolution to repeal the rule. They noted in their letter that the company "presumably" is lobbying the Senate to reverse the rule and limit its liability through the resolution.

Hatch and Wyden requests. Senate Finance Committee Chairman Orrin Hatch (R-Utah) and Ranking Member Ron Wyden (D-Ore) have requested that Equifax respond to the data breach reports. In a letter to Smith, the legislators asked for details on the breach and information on what Equifax is doing to mitigate its effects on consumers.

SECURE Act reintroduced. Senator Brian Schatz (D-Haw) has reintroduced the Stop Errors in Credit Use and Reporting (SECURE) Act, legislation intended to make it easier for consumers to catch and resolve identity theft, fraud, and errors in their credit reports. In addition to Sen. Schatz, the legislation is supported by Sens. Elizabeth Warren (D-Mass), Claire McCaskill (D-Mo), Richard Blumenthal (D-Conn), Bernie Sanders (I-Vt), and Jeff Merkley (D-Ore). The reintroduction follows Schatz’s calls for Equifax to do more to assist consumers affected by the breach.

For more information about the Equifax data breach and forced arbitration, subscribe to the Banking and Finance Law Daily.

CFPB claims $14 million consumer relief in first half of 2017

By Katalina M. Bianco, J.D.

The Consumer Financial Protection Bureau’s newest issue of Supervisory Highlights reports that the Bureau recovered $14 million in restitution for consumers in the first six months of 2017. More than 100,000 consumers benefitted, according to the Bureau. Separate supervisory actions resulted in an additional $2.9 million in consumer remediation or civil penalties, the CFPB said.

The Summer 2017 Supervisory Highlights issue points out a number of supervision focuses. The CFPB draws attention to examiner findings that consumers were:
  • given incorrect information about when bank checking account service fees would be waived or what transactions were covered by overdraft protection;
  • not told about the cost of making credit card account payments by telephone as opposed to less-expensive payment methods;
  • subjected to car repossessions that should have been cancelled;
  • victimized by improper debt collection practices related to short-term, small-dollar loans, including collectors attempting to collect debts owed by a different person or contacting third parties about consumers’ debts;
  • given incorrect information about short-term, small-dollar credit application or approval processes;
  • charged mortgage loan application fees or closing fees that are prohibited by the Bureau’s mortgage disclosure rules; and
  • denied the opportunity to take full advantage of the mortgage loss mitigation options for which they might have qualified.
Frozen accounts. The CFPB also criticizes how at least one bank responded to suspected suspicious activity in consumer accounts. According to the Bureau, "one or more institutions engaged in unfair acts or practices by placing hard holds on customer accounts to stop all activity when the institution(s) observed suspicious activity." These hard holds were unnecessarily harsh, depriving consumers of access to their funds for as long as two weeks and causing payments to be dishonored.

The problem was aggravated by poor communication with the affected consumers about the hard holds, the Bureau adds.

For more information about Supervisory Highlights, subscribe to the Banking and Finance Law Daily.

Tuesday, September 12, 2017

ICBA President says Wells Fargo scandal illuminates ‘double standard’ for regulation, enforcement

By Thomas G. Wolfe, J.D.

In a September 2017 release, Independent Community Bankers of America President and CEO Camden R. Fine asserts that “federal regulators have taken no meaningful action against the board and senior managers who were supposedly responsible for the ethical, moral, and legal conduct” of Wells Fargo. According to Fine, “no community bank would have been given this kind of regulatory deference. There is not supposed to be a double standard for regulation and enforcement in this nation, but the wrongdoings of Wells Fargo show us that apparently one exists for too-big-to-fail banks.” As observed by the ICBA’s release, Fine’s remarks come in the wake of a Wells Fargo report indicating that there are many more “fake customer bank and credit card accounts than previously realized.”

Recent report. The ICBA president’s reaction is based, at least in part, on a recent Wells Fargo report about the completion of a “third-party review” of Wells Fargo retail banking accounts “dating back to the beginning of 2009.” An Aug. 31, 2017, release by Wells Fargo summarizing the report states that the third-party review included a “data analysis methodology that errs on the side of customers.”

Originally, approximately “2.1 million potentially unauthorized accounts” were identified in the Wells Fargo scandal. Now that the latest report uses a different methodology and includes retail banking accounts opened at Wells Fargo from January 2009 through September 2016, “a new total of approximately 3.5 million potentially unauthorized consumer and small business accounts” has been identified.

The ICBA points out that the Wells Fargo report follows “news last month” that Wells Fargo allegedly “was caught charging 800,000 people for auto insurance they did not want or need.”

Remove Wells Fargo executives. Fine states that federal regulators “haven’t even given them [Wells Fargo] a good slap on the wrist.” According to Fine, “Had this been a community bank board and senior managers, not only would they all have been removed from the bank months ago, but they would also be facing prosecution.” Fine also notes that the Wells Fargo scandal has produced the side effect of “tarring the good reputations of thousands of community banks and bankers.”

From Fine’s perspective, the Wells Fargo board “should be replaced, and so should its senior management. End of story.” Similarly, in August 2017, based on the cumulative evidence in the Wells Fargo scandal, Senator Elizabeth Warren (D-Mass) renewed her call for the Federal Reserve Board to remove all Wells Fargo directors who served on the board between May 2011 and July 2015 (see Banking and Finance Law Daily, Aug. 17, 2017).

For more information about regulatory and enforcement actions affecting community banks, subscribe to the Banking and Finance Law Daily.

Thursday, September 7, 2017

Yellen credits Wall Street reforms for stronger, more resilient economy

By Colleen M. Svelnis, J.D.

Ten years after the start of the financial crisis, Federal Reserve Board Chair Janet Yellen discussed the financial crisis and reforms put into place, both in the United States and around the world, to improve financial regulation and help prevent any similar occurrence in the future. The speech, “Financial Stability a Decade after the Onset of the Crisis,” was delivered at a symposium sponsored by the Kansas City Fed. Yellen declared that because of “the reforms that strengthened our financial system, and with support from monetary and other policies, credit is available on good terms, and lending has advanced broadly in line with economic activity in recent years, contributing to today’s strong economy.”

According to Yellen, research shows that the reforms put in place “have substantially boosted resilience without unduly limiting credit availability or economic growth.” However, she acknowledged that there is limited research, many reforms have been implemented recently, and the markets continue to adjust.

In Yellen's view, today, 10 years after the start of the financial crisis:
  • banks are safer;
  • the risk of runs owing to maturity transformation is reduced;
  • efforts to enhance the resolvability of systemic firms have promoted market discipline and reduced the problem of too-big-to-fail; and
  • a system is in place to more effectively monitor and address risks that arise outside the regulatory perimeter.
Yellen discussed the U.S. and global response to the financial crisis. The United States responded by laying out steps to increase the loss-absorbing capacity of banks, regulations to limit both maturity transformation in short-term funding markets and liquidity mismatches within banks, and new authorities to facilitate the resolution of large financial institutions and to subject systemically important firms to more stringent prudential regulation, stated Yellen. Globally, many foreign governments undertook aggressive measures to support the functioning of credit markets, including large-scale capital injections into banks, expansions of deposit insurance programs, and guarantees of some forms of bank debt, Yellen said.

Yellen cited the following reforms as necessary to increasing the loss-absorbing capacity of global banks.
  1. Quantity and quality of capital required relative to risk-weighted assets have been increased substantially.
  2. A simple leverage ratio provides a backstop, reflecting the lesson imparted by past crises that risk weights are imperfect and a minimum amount of equity capital should fund a firm’s total assets.
  3. Both the risk-weighted and simple leverage requirements are higher for the largest, most systemic firms, which lowers the risk of distress at such firms and encourages them to limit activities that could threaten financial stability.
  4. The largest U.S. banks participate in the annual Comprehensive Capital Analysis and Review—the stress tests.
Yellen also discussed regulatory reforms outside the regulated banking sector, such as those affecting the shadow banking sector, along with Congress’s creation of the Financial Stability Oversight Council.

Industry associations respond. The American Bankers Association responded with a statement by Rob Nichols, ABA president and CEO. Nichols stated that the ABA agrees “that the financial system is more resilient today and banks are safer thanks to post-crisis changes made by policymakers and bankers.” However, the statement welcomed the “acknowledgment that not all those rules are working as intended.” Nichols stated, that in order “to accelerate economic growth and make sure Americans get access to the credit they deserve, we urge that those fixes be made sooner rather than later.”

Public Citizen released a statement by Bartlett Naylor, a Financial Policy Advocate in Public Citizen’s Congress Watch Division. Naylor stated that Yellen “understands that human damage from financial sector recklessness caused the most severe financial panic and recession since the Great Depression. New reforms, from greater corporate capital requirements to enhanced supervision through the Financial Stability Oversight Council, contribute to a safer system. We can’t return to the days when Goldman Sachs and JP Morgan’s profit opportunities determine financial policy.”

For more information about financial reforms, subscribe to the Banking and Finance Law Daily.

Wednesday, September 6, 2017

Tax prep service settles FTC charges of privacy and security violations

By J. Preston Carter, J.D., LL.M.

TaxSlayer, LLC, a Georgia-based online tax preparation service agreed to settle Federal Trade Commission charges that it violated the Gramm-Leach-Bliley Act financial privacy and security rules. The FTC alleged that TaxSlayer violated the Safeguards Rule (16 CFR Part 314), which requires financial institutions to protect the security, confidentiality, and integrity of customer information, and the Privacy Rule (12 CFR Part 1016), which requires financial institutions to deliver privacy notices to customers.

In its complaint, the FTC alleged that hackers gained access to nearly 9,000 TaxSlayer accounts between October 2015 and December 2015 and used the information they accessed to engage in tax identity theft, which allowed them to obtain tax refunds by filing fraudulent tax returns, according to the complaint.

Safeguards Rule violations. According to the FTC, TaxSlayer failed to: develop a written comprehensive security program until November 2015; conduct a risk assessment to identify reasonably foreseeable internal and external risks to security; implement information security safeguards that would help prevent a cyber attack; implement adequate risk-based authentication measures; and require consumers to choose strong passwords.

Privacy Rule violations. The FTC also alleged that the company violated the Privacy Rule by failing to provide its customers with a clear and conspicuous initial privacy notice and to deliver it in a way that ensured that customers received it.

Settlement. As part of the settlement with the FTC, the company is prohibited from violating the Privacy Rule and the Safeguards Rule for 20 years. Consistent with several past cases involving violations of Gramm-Leach-Bliley Act Rules, the company is required to obtain biennial third-party assessments of its compliance with these rules for 10 years.

"Tax preparation services are responsible for very sensitive information, so it’s critical they implement appropriate safeguards to protect that information," said Tom Pahl, Acting Director of the FTC’s Bureau of Consumer Protection. "TaxSlayer didn’t have an adequate risk assessment plan, and hackers took over user accounts and committed identity theft."

Pahl added that the case "also demonstrates the importance of password protection. Hackers took advantage of people who re-used passwords from other sites, and the attack ended when TaxSlayer eventually required people to use multi-factor authentication."

For more information about financial privacy and cybersecurity, subscribe to the Banking and Finance Law Daily.

Tuesday, September 5, 2017

Debt collector’s sue-and-dismiss tactic could violate debt collection law

By Richard A. Roth, J.D.

A debt collecting law firm’s alleged practice of filing collection suits and then delaying or dismissing them if the consumer appeared for trial could violate the Fair Debt Collection Practices Act, the U.S. Court of Appeals for the Eighth Circuit has decided. The appellate court reinstated the consumer’s FDCPA suit against the Gurstel Chargo law firm and its client in an opinion that, point by point, rejected multiple legal decisions by a U.S. district judge (Demarais v. Gurstel Chargo, P.A.).

State court collection suit. Gurstel Chargo sued the consumer on behalf of a client, RAzOR Capital, which claimed to own a charged-off credit card account the consumer originally owed to Citibank. The suit demanded more than $25,000, including $5,000 in interest the consumer alleged was added after Citibank charged off the account.

The consumer never answered the state court complaint; however, Gurstel Chargo did not ask for a default judgment. Instead, the firm asked the judge to set a trial date. According to the consumer, the firm routinely did this because if a consumer did not appear for trial the firm could ask for a judgment on that basis and avoid onerous requirements that Minnesota law places on default judgments in consumer debt collection suits.

To the law firm’s probable surprise, the consumer and his attorney appeared on the scheduled trial date. Gurstel Chargo had no witnesses or evidence available—which the consumer alleged also was the firm’s normal practice—and obtained a continuance.

On the new trial date, Gurstel Chargo again was unprepared to proceed. The firm then dismissed the suit with prejudice.

Nearly three weeks after the case was dismissed, Gurstel Chargo sent discovery and admission requests to the consumer’s attorney. The cover letter noted it was a communication from a debt collector and an attempt to collect a debt, and it demanded a response within 30 days. Notably, before the continued trial date, the consumer’s attorney had served discovery requests on RAzOR that essentially were ignored.

FDCPA suit. Four months after the collection suit was dismissed, the consumer sued both Gurstel Chargo and RAzOR in federal court for FDCPA claimed violations. The district judge dismissed the suit after deciding that any claim for violations based on the second trial date were barred by the statute of limitations, the firm had engaged only in “permissible litigation tactics,” and the tardy discovery cover letter was not likely to deceive either the consumer or his attorney.

Standing to sue. As has become common in suits under consumer financial protection laws, the appellate court began its analysis by considering whether the consumer had described a concrete injury in fact that gave him standing to sue. The court decided that, under Spokeo, Inc. v. Robins, he had standing to assert all of his FDCPA claims.

To begin with, while the letter that accompanied the tardy discovery items did not cause any tangible harm, it nevertheless caused an injury in fact, the court said. Congress wanted the FDCPA to address the intangible harm of being subjected to baseless legal claims, and that harm was comparable to a common law tort of unjustifiable litigation. The letter, with its express compliance deadline and debt-collection language, easily could cause mental distress or other harms.

It was irrelevant that the letter was sent to the consumer’s attorney rather than to the consumer, the court added. It was a matter of routine that the demands would come to the consumer’s attention.

The events of the first trial date, when Gurstel Chargo obtained a continuance and new trial date, clearly described an injury in fact, the court continued. The consumer hired an attorney, served discovery requests, and prepared for and appeared for the trial. These steps would have cost the consumer both time and money, and could have caused mental distress as well.

Statute of limitations. Although only four months passed between the first trial date and the date the consumer filed his suit, the district court judge concluded the FDCPA’s one-year statute of limitations had run. This was because the judge believed that communications at the time of the first trial date simply related back to the original complaint and did not constitute a new FDCPA violation that would have a new limitation period.

That was wrong, the appellate court said. It was irrelevant that a violation might restate an earlier violation. Each violation would be an individual violation with a separate statute of limitations.

Continuance request. The consumer asserted that Gurstel Chargo’s request for a continuance at the first trial date was a misrepresentation under the FDCPA because the firm was threatening an action it did not intend to take—trying the case. The district judge said the request constituted “permissible litigation tactics and not actionable false assertions.”

Wrong again, the appellate court said. The consumer had plausibly claimed that the firm threatened to go to trial, on both trial dates, yet never intended to do so. Not only an unsophisticated consumer but a competent attorney would believe that Gurstel Chargo intended to go to trial when it asked for a continuance for that very purpose.

Gurstel Chargo could have made a threat with making an affirmative representation, the court continued. What mattered was what the consumer would have been likely to believe.

The court also accepted that the consumer had alleged facts showing the firm never intended to go to trial. He claimed that continuances and dismissals were Gurstel Chargo’s regular tactic, going so far as to provide the docket numbers of comparable court cases. The firm’s actions in his own case—failing to respond to his discovery requests and appearing unprepared at the second trial date—were additional relevant facts.

An ordinarily “permissible litigation tactic” could violate the FDCPA, the court added. Attorneys in litigation must comply with the act.

Tardy discovery request. According to the consumer, the discovery requests that Gurstel Chargo sent after the collection suit was dismissed with prejudice amounted to an attempt to collect a debt that was not owed. That was a violation of the FDCPA ban on unfair or unconscionable collection practices, he claimed.

The district judge said there could be no violation because the consumer’s claims “do not show that anyone was likely to be misled, deceived, or otherwise duped . . .”

Wrong yet again, the appellate court pronounced. Seizing on the judge’s language, the appellate court emphasized that “There is no ‘misled, deceived, or duped’ requirement” in the plain language of the FDCPA ban on unfair or unconscionable debt collection practices. Misleading representations are explicitly prohibited by a dedicated section of the FDCPA, the court pointed out, so there was no reason to infer an implicit prohibition in the ban on unfair practices.

The court’s summary of the district judge’s errors merits consideration. In the court’s own words:
The attempted collection of debts not owed harms consumers not just by inducing the payment of false claims. It also forces consumers to spend time and money addressing the false claims—even if they know they do not actually owe the claimed debt. Being subjected to attempts to collect debts one knows he or she does not owe can disrupt marriages, impair performance on the job, and cause public embarrassment—the very harms motivating Congress to pass the FDCPA. 
For more information about debt collection practices, subscribe to the Banking and Finance Law Daily.

Friday, September 1, 2017

CFPB publishes new TILA/RESPA mortgage disclosure guidance

By Katalina M. Bianco, J.D.
The Consumer Financial Protection Bureau has published support material intended to assist stakeholders in implementing the Bureau's July 2017 final rule that updated the "Know Before You Owe" mortgage disclosure rule. The final rule modified the mortgage disclosure requirements under the Real Estate Settlement Procedures Act and Truth in Lending Act that are implemented in Reg. Z.
The support material, entitled "2017 TILA-RESPA Rule: Detailed Summary of Changes and Clarifications," provides a comprehensive summary of the 2017 TILA-RESPA rule, as well as examples of how to apply the final rule’s provisions.
Topics covered by the support material include:
  • effective date and mandatory compliance date, including an optional compliance period;
  • application of the mortgage disclosure requirements to cooperative units and trusts;
  • treatment of tolerances and good faith requirements;
  • shopping for settlement services;
  • principal curtailments;
  • total of payments disclosure;
  • simultaneous subordinate lien loans;
  • construction loans;
  • the use of positive and negative numbers for certain disclosures;
  • payoff disclosures; and
  • separation of consumer and seller information on closing disclosures.
For more information about the TILA/RESPA final rule and Bureau guidance, subscribe to the Banking and Finance Law Daily.

Bureau amends HMDA rule to ease reporting duties for small lenders

By Katalina M. Bianco, J.D.

The Consumer Financial Protection Bureau has adopted a final rule amending its October 2015 Home Mortgage Disclosure Act final rule. The 2015 rule  was intended to reduce the number of lenders required to file reports but at the same time require more data to be collected and reported. The new 2017 final rule makes technical corrections, clarifications, and changes to certain requirements adopted by the 2015 HMDA rule and generally becomes effective Jan. 1, 2018.

HMDA proposals. The final rule is based on two earlier proposals the CFPB issued in 2017. An April 2017 proposal addressed technical errors, clarified some key terms, and was intended to ease the burden of certain reporting requirements. A second proposal, issued in July 2017, sought to offer community banks and credit unions some regulatory relief by proposing a temporary 400-percent increase in the HMDA reporting threshold for home equity lines of credit.

Threshold changes. The 2017 HMDA final rule temporarily increases the threshold for collecting and reporting data with respect to open-end lines of credit from 100 to 500 for the 2018 and 2019 calendar years. Financial institutions originating fewer than 500 open-end lines of credit in either of the two preceding years will not be required to begin collecting such data until Jan. 1, 2020.

When proposed, the Bureau indicated that it was considering making the threshold increase permanent after 2020. However, it chose not to do so in the final rule. The CFPB noted it was "vitally important to begin the collection and reporting of data on the growing market for open-end lines of credit and that the increase in open-end origination volume since 2013 further demonstrates the importance of these data." The CFPB did add that the two-year period will allow time for it to decide, through an additional rulemaking, whether any adjustments to the open-end threshold are needed; and that it "intends to make that determination in sufficient time so that if institutions are covered under any permanent threshold set by the Bureau but not under the temporary threshold, those institutions will be able to resume and complete their implementation processes."

Excluded transactions. The 2017 HMDA final rule also creates a reporting exception for certain transactions related New York Consolidation, Extension and Modification Agreements (New York CEMA) transactions. Covered financial institutions generally will not be required to report any preliminary transaction where a consumer receives additional funds prior to consolidation into a New York CEMA transaction. However, financial institutions will continue to be required to report the New York CEMA transaction.

In addition, the rule clarifies two categories of transactions that are excluded as temporary financing and not reported in HMDA data: (1) a construction-only loan or line of credit that is extended to a person exclusively to construct a dwelling for sale; and (2) a loan or line of credit designed to be replaced by separate permanent financing extended by any financial institution to the same borrower at a later time.

Key terms clarified. The 2017 HMDA final rule clarifies certain key terms defined in the 2015 HMDA rule, including "multifamily dwelling," "automated underwriting system," and the meaning of income for the purpose of reporting the gross annual income relied on in making the credit decision or processing the application if a credit decision was not made.

Race and ethnicity information. Finally, the 2017 HMDA final rule clarifies three aspects of collecting and reporting race and ethnicity information. First, it states that an applicant is not required to select an aggregate race or ethnicity category as a precondition to selecting one of the race or ethnicity subcategories. Second, it clarifies that an applicant may provide a particular other ethnicity or race in the free-form field, whether or not the applicant selects the "Other" ethnicity or race subcategory. Third, it clarifies how a financial institution should report ethnicity if an applicant selects more than five ethnicity categories and subcategories combined.

Filing Instructions Guides. To assist financial institutions, the CFPB has also updated the Filing Instructions Guides for data collected in 2017 and 2018.

FFIEC guidelines. The Federal Financial Institutions Examination Council also has provided HMDA guidance, the HMDA Examiner Transaction Testing Guidelines, for all financial institutions required to report HMDA data. Beginning in 2019, examiners will use the guidelines when assessing the accuracy of the HMDA data that financial institutions record and report. The guidelines will apply to data collected beginning in 2018.

For more information about HMDA and the final rule, subscribe to the Banking and Finance Law Daily.