Over the last several years, the Securities and Exchange Commission (the “SEC”) and the Commodities Futures Trading Commission (“CFTC”) have been laser-focused on the use of so called “off-channel communications” in the financial services industry. On the theory that employees’ use of personal devices to communicate about business matters violates the “books and records” rules as these communications are not saved in company systems, regulators have conducted intrusive and extensive investigations requiring employees to turn over their personal devices for review. SEC Chairperson Gary Gensler recently stated that “bookkeeping sweeps are ongoing,” having resulted in well over $1 billion in fines so far. While the first round of investigations focused on the large banks, this “sweep” has since spread to hedge funds, credit rating agencies, online banking platforms, and now, to regional banks.

Continue Reading SEC Off-Channel Communications Sweep

On May 5, the CFPB announced that it has sent payments totaling more than $22 million to approximately 6,500 individuals who were harmed by a Maryland-based debt-relief and credit-repair company that marketed and sold debt-relief and credit-repair services nationwide from 2016 to 2020. In 2021, a federal court entered a stipulated final judgement and order against the company and its executives for allegedly deceiving consumers into hiring the company with false promises to lower or eliminate their credit-card debts and to improve their credit scores in violation of consumer financial protection laws.

Continue Reading CFPB, FTC Continue Crack Down on Debt Relief Schemes

On May 1, NYDFS settled with a cryptocurrency trading platform over the company’s cybersecurity deficiencies, resulting in a consent order and $1.2 million fine for the crypto company. NYDFS alleged “multiple deficiencies in the Company’s cybersecurity program” discovered during NYDFS examinations in 2018 and 2020. The examinations prompted an investigation, ultimately leading to the consent order and the fine.

Continue Reading New York Settles with Crypto Company, Proposes Crypto Legislation

On April 26, an association of Texas state banking organizations and a Texas minority depository institution filed a joint complaint against the CFPB in Texas federal court seeking to invalidate a recently finalized agency rule requiring lenders to gather and report data on loan applications from minority, LGBTQ+, and women-owned small businesses (see previous blog post detailing this rule here). The CFPB rule requires that small business lenders must collect and report on the following data points:

Continue Reading Lawsuit Challenges CFPB Reporting Rule for Small Business Lending

On April 25, the CFPB, FTC, EEOC, and Civil Rights Division of the DOJ issued a joint statement outlining the agencies’ collective commitment to monitor the development and use of automated systems and artificial intelligence and enforce their respective authorities where such systems produce outcomes that result in unlawful discrimination. The joint statement explains that potential discrimination in automated systems can come from different sources, including:

Continue Reading Federal Regulators Remain Focused on AI-based Discrimination

On April 4, CFPB Director Rohit Chopra delivered remarks at the International Association of Privacy Professionals’ Global Policy Summit on the importance of reigning in repeat violators of consumer finance and privacy laws. According to the Director, the CFPB is to enhance penalties against repeat offenders of consumer protection laws. Such penalties could involve a broader range of agency remedies, including naming executives in enforcement actions and placing meaningful limitations on future business practices, in addition to simple fines.

Continue Reading CFPB Director Elevates Priorities for Data Privacy & Repeat Offenders

On April 3, the CFPB issued a policy statement explaining the legal prohibition on “abusive” conduct in consumer financial markets provided in the Consumer Financial Protection Act (CFPA) and provided a summary past enforcement where these provisions have been applied.

Continue Reading CFPB Issues Guidance on “Abusive” Conduct in Financial Markets

On March 16, NYDFS entered a consent order resolving an examination of a payment service provider that allows merchants to accept Bitcoin payments from customers in exchange for the equivalent value in local currency credited to the merchant’s bank account. The company is licensed by the NYDFS to engage in virtual currency business activity pursuant to 23 NYCRR Part 200. Licensees under Part 200 are required to, among other things, adhere to federal and state laws mandating effective controls to guard against money laundering and certain other illegal activities.

Continue Reading NYDFS Examination of Crypto Payment Service Provider Ends in Settlement

Today, the CFPB has issued the small business lending final rule to implement changes to the Equal Credit Opportunity Act made by Section 1071 of the Dodd-Frank Act to require financial institutions to compile data regarding certain business credit applications and report that data to the CFPB (we previously discussed Section 1071 rulemaking in prior blog posts here and here). According to the CFPB, Section 1071’s purposes are “facilitating enforcement of fair lending laws and enabling the identification of business and community development needs and opportunities for women-owned, minority-owned, and small businesses.” While the final rule includes almost 900 pages of rulemaking, highlights include the following:

Continue Reading CFPB Issues Small Business Lending Rule

On February 23, the CFPB issued a consent order penalizing an auto finance company for allegedly violating the financial rights of military families and other consumers in providing auto title loans. The CFPB found that the company violated the Military Lending Act by extending prohibited title loans and charging interests rates nearly three times greater than the 36% annual interest rate cap. Pursuant to the consent order, the company is required to provide redress payments to consumer in the amount of $5.5 million, implement and maintain robust internal controls to prevent repeat offenses, and pay a $10 million fine.

Continue Reading Recent CFPB Actions Focus on Protecting Military Families

On February 2, the Massachusetts Attorney General announced that her office entered into an assurance of discontinuance with an auto loan provider to settle allegations of certain illegal auto loan collection practices. Specifically, the Massachusetts AG alleged that, beginning in 2017 and continuing to the present day, the auto loan provider allegedly failed to give borrowers adequate information relating to the calculation methods for deficiencies left on their auto loans after their vehicles were repossessed. The Massachusetts AG further alleged that the auto loan provider engaged in a pattern of excessive collection calling to borrowers in violation state debt collection regulations, which prohibit the initiation of more than two collection communications during a seven-day period.

Continue Reading Massachusetts AG Settles Enforcement Action Against Auto Lender