BSCR Firm News/Blogs Feed Nov 2019 00:00:00 -0800firmwise House Passes SAFE Banking Act Sep 2019Financial Services Law Blog<p>In August we <a href=";anc=827&amp;format=xmldetail&amp;stylesheet=FirmNewsItems_blog&amp;p=5258">reported</a> on the challenges that financial institutions face in Missouri now that medical cannabis use is permitted, and we suggested that the SAFE Banking Act of 2019, <a href="">H.R. 1595</a>, would provide a much-needed safe harbor for banks handling cannabis money.</p> <p>Although there was doubt even a month ago that the SAFE Banking Act would pass, the bill was approved by 321-103, far more than the required 2/3 majority to pass through the House.</p> <p>The SAFE Banking Act is unique in that it draws both praise and objection from each side of the legislative aisle. While some Republicans support the bill due to its benefit to commerce and the financial services industry, other more socially conservative legislators refuse to support the bill because marijuana remains illegal under federal law, and some believe marijuana to be dangerous.</p> <p>Conversely, while the bill has garnered some Democratic support due to its progress toward future decriminalization of marijuana and scaling back the war on drugs, others simply do not want to give more power or leniency to financial institutions.</p> <p>This dichotomy of perspectives even within each party makes it difficult to predict how the SAFE Banking Act will fare in the Senate. But, there is no doubt that Missouri financial institutions would benefit from its passage, and proponents of the bill continue to push hard for it to be put into law.</p> <p>As a reminder, the SAFE Banking Act would not change the status of cannabis as a Schedule I controlled substance under federal law. But it would permit financial entities to provide checking and savings accounts, credit cards, loans, and other financial products to marijuana-related businesses, and it would also prohibit the feds from seizing assets or taking punitive action against those banking institutions.</p> <p>We will continue to monitor the status of this legislation.</p> That Missouri is Accepting Marijuana-related Business Licensure Applications, What is the Plan for the Other Green Stuff? Aug 2019Financial Services Law Blog<p>From now until August 17, 2019, Missouri entities may apply for a license to cultivate, dispense, manufacture, test, and transport marijuana, pursuant to last year&rsquo;s passage of Amendment 2, permitting marijuana use for serious medical conditions. A cloudy haze remains, however, over how financial institutions doing business with marijuana-related businesses (&ldquo;MRBs&rdquo;) will be governed.</p> <p>As most are aware, while cannabis is now legal in some form or fashion in more than 30 states as well as D.C., cannabis manufacture and use is still prohibited by federal law. Consequently, handling of proceeds from MRBs is considered money laundering, and financial institutions are required to submit Suspicious Activity Reports (&ldquo;SARs&rdquo;) with FinCEN when certain red flags are raised in relation to suspected cannabis business.</p> <p>The SAFE Banking Act of 2019, <a href="">H.R. 1595</a>, would provide a safe harbor for financial institutions handling MRB money while the legality of cannabis continues to be debated at the federal level. More specifically, the SAFE Banking Act would prevent federal regulators from interfering with relationships between financial institutions and MRBs in states where cannabis is legal, and it would allow MRBs to access traditional banking services without threat of seizure or prosecution. The bill, if passed, would not change the status of cannabis as a Schedule 1 controlled substance.</p> <p>In recent weeks, several Missouri credit unions and banks have joined together to urge passage of the SAFE Banking Act, in anticipation of this month&rsquo;s open application process. Unfortunately, there is not much confidence that it will be passed.</p> So, how much money are we talking about? Last year, cannabis reportedly generated over $8 billion. The revenues are expected to triple over the next 5 years. Even though Missouri&rsquo;s share will be a fraction of anticipated revenues, that&rsquo;s still going to be a whole lot of green. Now, Missouri financial institutions and prospective MRBs will remain in the sticky situation of figuring out what to do with all of it. Check for Financial Institutions: Is Your Website ‘Accessible' to those with Disabilities? Jun 2019Financial Services Law Blog<p>What do Amazon, Domino&rsquo;s, and Beyonc&eacute; have in common? Their websites have all have been the subject of high profile lawsuits alleging failure to comply with the Americans with Disabilities Act of 1990 (the &ldquo;ADA&rdquo;). Your financial institution could be, too, if it has not taken measures to ensure its website is ADA compliant.</p> <p>We most often associate the ADA with physical limitations of brick and mortar buildings. But in recent years, several courts have extended the protections of the ADA to customers using websites in times where we conduct most of our business online. The relevant portion of the ADA provides that &ldquo;No individual shall be discriminated against on the basis of disability in the full and equal enjoyment of the goods, services, facilities, privileges, advantages, or accommodations of any place of public accommodation by any person who owns, leases (or leases to) or operates a place of public accommodation.&rdquo; 42 U.S.C. &sect;12182(a). Even though the ADA has not been amended to specifically address websites, several courts have held that the ADA applies to website accessibility, whether by nexus to a physical location or by the website&rsquo;s public nature.</p> <p>There is currently a split among the circuits as to whether or not a website falls under the scope of the ADA, but recent cases show a tilt in favor of holding that websites are either places of public accommodation in their own right, or have a sufficient nexus to services provided out of a brick and mortar location to fall under the ADA. In one of the more recent cases, the Ninth Circuit Court of Appeals held that an ADA lawsuit could proceed against Domino&rsquo;s for alleged failure to comply with appropriate accessibility standards for its website. The Court reasoned, &ldquo;The statute applies to the services of a place of public accommodation, not services in a place of public accommodation. To limit the ADA to discrimination in the provision of services occurring on the premises of a public accommodation would contradict the plain language of the statute.&rdquo; Domino&rsquo;s had not established that compliance would be an undue burden or would materially alter its business, such that the ADA claim was permissible.</p> <p>While ADA website litigation is not altogether new, it has gained traction in the past couple of years. Financial Services Litigators are closely monitoring these cases across the country and expect these filings against banks and credit unions to increase, due to increasing popularity of, and reliance upon, online banking by customers. Financial institutions are encouraged to ensure their websites comply with the current industry standard for accessibility, as well as state-level requirements. In evaluating its website, a financial institution should ask these questions:</p> <ul> <li>Is the website &ldquo;perceivable&rdquo;? Does it: <ul> <li>Provide&nbsp;text alternatives&nbsp;for non-text content</li> <li>Provide&nbsp;captions and&nbsp;other alternatives&nbsp;for multimedia</li> <li>Create content that can be&nbsp;presented in different ways</li> <li>including by assistive technologies, without losing meaning</li> <li>&nbsp;Make it easier for users to&nbsp;see and hear content</li> </ul> </li> </ul> <ul> <li>Is the website &ldquo;operable&rdquo;? Does it: <ul> <li>Make all functionality available from a&nbsp;keyboard</li> <li>Give users&nbsp;enough time&nbsp;to read and use content</li> <li>Avoid content that causes&nbsp;seizures</li> <li>Help users&nbsp;navigate and find content</li> </ul> </li> </ul> <ul> <li>Is the website &ldquo;Understandable&rdquo;? Does it: <ul> <li>Make text&nbsp;readable and understandable</li> <li>Make content appear and operate in&nbsp;predictable&nbsp;ways</li> <li>Help users&nbsp;avoid and correct mistakes</li> </ul> </li> </ul> <ul> <li>Is the website &ldquo;Robust&rdquo;? Does it: <ul> <li>Maximize&nbsp;compatibility&nbsp;with current and future user tools.</li> </ul> </li> </ul> <p>The Eighth and Tenth Circuits have not yet issued rulings applicable to this topic. We will continue to monitor for new cases and provide updates.</p> Proposes to Rescind Underwriting Requirement of 2017 Payday Loan Rule Feb 2019Financial Services Law Blog<p>Earlier this month, the CFPB took one of its first substantial steps under new leadership, with a Notice of Proposed Rulemaking seeking to rescind the underwriting requirements of the Bureau&rsquo;s 2017 Final Rule regarding payday loans, vehicle title loans, and high-cost installment loans (the &ldquo;2017 Payday Loan Rule&rdquo;). Signed by new director Kathy Kraninger and published on February 6, this proposal is open for comment through May 7, 2019.</p> <p>This recent proposal seeks to eliminate the &ldquo;identification&rdquo; provision in the 2017 Payday Loan Rule that makes it an unfair and abusive practice for lenders to make these types of loans without making a reasonable determination that the customer will have the ability to repay those loans. The new proposed rule also seeks to remove the &ldquo;prevention&rdquo; provision, which set forth certain underwriting guidelines that lenders were going to be required to use in an effort to prevent loans from issuing to borrowers not reasonably likely to be able to repay. Also subject to elimination were new recordkeeping and reporting requirements promulgated by the 2017 Rule. Director Kraninger&rsquo;s new proposal did not seek to remove any of the new payment policies put into effect by the 2017 Rule.</p> <p>In its Notice, the CFPB reasoned that there was not sufficient evidence to support the 2017 Rule, particularly where the 2017 Rule would prevent many consumers from accessing credit when needed. The CFPB also noted that most states have some degree of regulation in place as to payday loans, with varying levels of oversight and intricacy. To impose an additional federal, uniform requirement over the industry, it maintains, would be overly burdensome to both lenders and consumers seeking credit.</p> <p>The CFPB acknowledged that, in response to the original proposed 2017 Payday Loan Rule, it received a substantial number of comments from those who observed undesirable consequences from payday lending. However, those comments were far outnumbered by those from consumers who reported that payday loans, title loans, and other applicable products had been a necessary tool for survival in hard times where no other financing was available due to poor or nonexistent credit history.</p> <p>In the alternative, the CFPB also proposed that enforcement of the 2017 Payday Loan Rule underwriting requirements be delayed due to massive overhaul in technology and training payday lenders would have to undergo in order to meet these underwriting requirements.</p> <p>Director Kraninger has welcomed comment on all sides regarding this proposal, but it seems likely at this point that the anticipated underwriting requirements of the 2017 Rule will not be implemented or enforced.</p> <p>The Notice of Proposed Rulemaking to rescind the underwriting requirements may be found <a href="">here.</a> BSCR will continue to monitor until a final rule is issued.</p> Circuit Denies Recovery of Attorneys' Fees Despite FDCPA's Mandatory Recovery Provision Nov 2018Financial Services Law Blog<p>It is well known to financial services practitioners that a &ldquo;debt collector&rdquo; under the FDCPA is prohibited from using false or misleading information in furtherance of collecting a debt, and that a debt collector is liable for the claimant&rsquo;s attorneys&rsquo; fees for such a violation. But a recent decision out of the Fifth Circuit serves as a worthwhile reminder that the conduct of a party and its counsel, as well as reasonableness of the fees, matters in considering whether or not to grant recovery of fees.</p> <p>In <i>Davis v. Credit Bureau of the South</i>, the defendant&rsquo;s name alone reveals a violation of 15 U.S.C. &sect;&sect; 1692e(10), (16), as it had ceased to be a credit reporting agency years before it attempted to collect a past due utility debt from Ms. Davis under that name. Cross motions for summary judgment were filed, and the Court found that the defendant was liable for statutory damages under the FDCPA for inaccurately holding itself out as a credit reporting agency.</p> <p>Subsequently, Davis&rsquo; attorneys filed a motion for recovery of their fees, relying upon 15 U.S.C. &sect; 1692k(a)(3), which states that a debt collector who violates these provisions of the FDCPA &ldquo;is liable [ . . . ] [for] the costs of the action, together with reasonable attorneys&rsquo; fees as determined by the court.&rdquo; The motion sought recovery of fees in the amount of $130,410.00 based upon on hourly rate of $450.00. The trial court was, as it held, &ldquo;stunned&rdquo; by the request for fees and denied the motion. For its holding, the court cited to the fact that there was disposed of by summary judgment with a Fifth Circuit case directly on point, and that there were substantial duplicative and excessive fees charged by Plaintiff&rsquo;s multiple counsel. The trial court also characterized the rate of $450.00 as excessive in light of the relative level of difficulty of the case and the fact that the pleadings were &ldquo;replete with grammatical errors, formatting issues, and improper citations.&rdquo; From this order, Davis appealed.</p> <p>In its holding, the Fifth Circuit recognized that the FDCPA&rsquo;s express language, and several other circuit holdings, suggest that attorneys&rsquo; fees to a prevailing claimant are mandatory. However, the Court relied upon other circuits that have permitted &ldquo;outright denial&rdquo; (as opposed to a mere reduction) of attorney&rsquo;s fees for FDCPA claims in &ldquo;unusual circumstances,&rdquo; as well as other Fifth Circuit cases with similar conduct under other statutes containing mandatory attorney fee recovery, to deny recovery of fees altogether. The Court found there was extreme, outrageous conduct that precluded recovery of fees, where the record showed Davis and her counsel had colluded to create the facts giving rise to the action. For instance, Ms. Davis misrepresented that she was a citizen of Texas rather than Louisiana in order to cause the defendant to mail a collection letter, thus &ldquo;engaging in debt collection activities in the state of Texas.&rdquo; Furthermore, Davis and her counsel made repeated, recorded phone calls to the defendant asking repetitive questions in order to generate fees. While the FDCPA&rsquo;s fee recovery provision was intended to deter bad conduct by debt collectors, the Fifth Circuit found it was even more important in this case to deter the bad conduct of counsel.</p> <p>&nbsp;</p> <p>The <i>Davis </i>opinion may be found <a href="">here</a> and is a cautionary tale that attorneys&rsquo; fees, as well as behavior throughout a case, may be held under the microscope, even where the law suggests that fees are recoverable as a matter of right.&nbsp;</p> Financial Services Committee introduces bill to provide uniform reporting standards in the event of data breaches Oct 2018Financial Services Law Blog<p>In the spirit of National Cybersecurity Awareness Month, BSCR reports that Rep. Luetkemeyer of Missouri introduced H.R. 6743, a measure aimed at amending the Gramm-Leach-Bliley Act to provide a national uniform standard for addressing cyber security data breaches. The bill has already made some traction, as it was ordered by vote to be reported to committee last month.</p> <p>Some key amendments would be to revise the following two sections of the GLBA:</p> <p><b><i>Standards with respect to breach notification</i></b></p> <p><i>Each agency or authority required to establish standards described under subsection (b)(3) with respect to the provision of a breach notice shall establish the standards with respect to such notice that are contained in the interpretive guidance issued by the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of Thrift Supervision titled Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice, published March 29, 2005 (<a href=";volume=70&amp;page=15736" title="Link to U.S. Government Publishing Office">70 Fed. Reg. 15736</a>), and for a financial institution that is not a bank, such standards shall be applied to the institution as if the institution was a bank to the extent appropriate and practicable.</i></p> <p><b>Relation to State laws</b></p> <p><i>(a)</i></p> <p><i>In general</i></p> <p><i>This subtitle preempts any law, rule, regulation, requirement, standard, or other provision having the force and effect of law of any State, or political subdivision of a State, with respect to securing personal information from unauthorized access or acquisition, including notification of unauthorized access or acquisition of data.</i></p> <p>The full text of the proposed amendments can be found at this <a href="">link.</a></p> <p>It is this second provision that is troubling some state-level authorities. In a <a href="">letter</a> to Chairman Hensarling, John W. Ryan, the President and CEO of the Conference of State Bank Supervisors (CSBS) expressed concern on behalf of state regulators that the bill, if enacted into law, could hurt efforts to protect consumers more than help. Arguing that the GLBA and state privacy laws already provide sufficient guidance for cyber breach events, Mr. Ryan contends that H.R. 6743 would actually undermine state consumer protection laws, and that it would undermine the authority of state attorneys general and other authorities to enforce reporting requirements.</p> <p>BSCR will continue to monitor the status of H.R. 6743, and our Financial Services Law Blog will keep the community posted as to pertinent events.</p>$224 million sought in lawsuit against AT&T over cryptocurrency theft Aug 2018Financial Services Law Blog<p>A cyber thief was able to trick AT&amp;T into providing Michael Terpin&rsquo;s account information, enabling that thief to make off with nearly $24 million in cryptocurrency belonging to Terpin, according to a complaint filed in the U.S. District Court for the District of California in Los Angeles.</p> <p>In the lawsuit, among other things, Terpin alleges that AT&amp;T was negligent in failing to protect its customers&rsquo; private data, and that it willfully disregarded unlawful transactions between AT&amp;T employees and cyber thieves. Terpin claims that his digital currency was lost due to a &ldquo;SIM swap fraud,&rdquo; where the customer&rsquo;s phone number is transferred to a SIM card operated by a hacker, who then resets the customer&rsquo;s passwords and logs into their accounts in order to obtain confidential data and access to assets. Terpin believes that an AT&amp;T employee cooperated in the swap that caused him to lose digital coins that would have been valued at $23.8 million in January of 2018, during a time where the value of the bitcoin was soaring, as previously <a href=";an=72169&amp;format=xml&amp;stylesheet=blog&amp;p=5258">reported</a> by the BSCR financial services law blog. Because he has been publicly involved in cryptocurrency enterprises, Terpin was a prime target for cyber thieves.</p> <p>AT&amp;T has responded to the complaint publicly, stating, &ldquo;We dispute these allegations and look forward to presenting our case in court.&rdquo; Terpin, though, alleges that the telecommunications juggernaut has simply become &ldquo;too big to care,&rdquo; prioritizing expansion and acquisition over investing in hiring qualified professionals, providing ongoing training, or investing in systems that would better protect customer data.</p> <p>While it remains to be seen what the outcome of this litigation will be, this lawsuit serves as a cautionary tale to any large institution that possesses sensitive online account data of its customers. These institutions would be well advised to look into their hiring and training procedures, as well as to consider implementing secure storage systems, in order to curtail future liability. BSCR will continue to monitor this litigation and will provide updates as milestones occur in the case.</p> Local Payday Lender enters into $1 Consent Order with CFPB Aug 2018Financial Services Law Blog<p>An action filed in the United States District Court for the Western District of Missouri culminated after four years with a <a href="">consent order</a> that is catching attention due to its unusually small civil penalty, particularly in light of the severity of the conduct being penalized.</p> <p>Richard Moseley Sr. and others, as well as a multitude of LLCs operating under his control (the &ldquo;Defendants&rdquo;), reached a consent judgment in the amount of $69,623,528, representing the amount of Defendants&rsquo; ill-gotten gains from their illegal payday lending scheme. But, in that same order, execution of the judgment was suspended upon certain conditions, including the following: (1) that Defendants agree not to participate in any further lending or financial services activities, (2) that they permit the CFPB to work with the Department of Justice to use funds from their bank accounts seized in a separate criminal action, and (3) that they each pay a civil penalty of just one dollar.</p> <p>This anemic civil penalty was figured based upon affidavits and documents Defendants provided to the Bureau showing their lack of ability to pay the judgment amount, or apparently even a small fraction of it.</p> <p>The consent order follows the recent criminal conviction of Moseley in the Southern District of New York for conspiracy, collection of unlawful debts, wire fraud, aggravated identity theft, and false disclosures under TILA. Among other things, Moseley and others charged illegally high interest rates, approaching 1,000 percent, on payday loans, took sensitive banking information of prospective customers who had not signed a contract for the loan and withdrew money from their accounts, and falsely reported that his businesses were based in other countries when they were actually operating in the Kansas City area.&nbsp;</p> Major Financial Reform Bill Signed into Law May 2018Financial Services Law Blog<p>Today, President Trump signed into law S. 2155, The Economic Growth, Regulatory Relief and Consumer Protection Act. In doing so, President Trump stated, &ldquo;the legislation I'm signing today rolls back the crippling Dodd-Frank regulations that are crushing small banks.&rdquo;</p> <p>In response to the new law, community lenders across the nation rejoice.&nbsp; On behalf of Independent Community Bankers of America (the &ldquo;ICBA&rdquo;), President and CEO Rebeca Romero Rainey issued a statement that the &ldquo;landmark law signed by the president today unravels many of the suffocating regulatory burdens our nation&rsquo;s community banks face and puts community banks in a much better position to unleash their full economic potential to the benefit of their customers and communities.&rdquo;&nbsp;</p> <p>Some of those regulations include stringent ability-to-repay evaluations, record retention requirements, reporting to regulators, and stress-testing under the authority of the Federal Reserve to determine the ability to withstand a financial crisis. Smaller banks and credit unions reportedly found these regulations to be unduly burdensome for them, given their relative size and resources for compliance. Perhaps the best evidence of this argument is the nearly 2,000 community financial institutions that ceased operations after the Dodd&ndash;Frank Wall Street Reform and Consumer Protection Act was enacted in 2010.</p> <p>Critics of the Act, however, argue that the Act goes too far in deregulation.&nbsp; According to some, decision to raise the &ldquo;enhanced oversight&rdquo; threshold from those banks with $50 billion or more in assets, to those with at least $250 billion, was too severe, and that such a large rollback in regulation could lead to the next major financial crisis in America.&nbsp; Indeed, the Act provides a new standard for &ldquo;too big to fail&rdquo; that excludes nearly two dozen banks that were previously considered to be systematically important financial institutions.</p> <p>Only time will tell the impact of this new legislation, but The Economic Growth, Regulatory Relief and Consumer Protection Act is being hailed as a win for Main Street by many.</p> BSCR previously <a href=";an=75213&amp;format=xml&amp;stylesheet=blog&amp;p=5258">posted</a> about S. 2155 when it was first expected to pass in the Senate and has continued to monitor the bill&rsquo;s progress. The full text of the new law may be found <a href="">here</a>. Circuit Split is Born: Third Circuit Rejects the Discovery Rule for FDCPA Statute of Limitations May 2018Financial Services Law Blog<p>In an <i>en banc</i> opinion issued yesterday, the Third Circuit Court of Appeals upheld the district court&rsquo;s holding that the statute of limitations period for an alleged violation of the Fair Debt Collection Practices Act (the &ldquo;FDCPA&rdquo;), 15 U.S.C. &sect; 1692, et seq., began to run on the date the alleged violation occurred, regardless of when the claimant did, or should have, discovered the violation.</p> <p>This precedential holding in <i>Rotkiske v. Klemm, et al.</i>, represents a new deviation from both the Fourth and the Ninth Circuit Courts of Appeal, who have held that the statute of limitations would not begin to run until the date of discovery of the purported violation. &ldquo;In our view, the Act [FDCPA] says what it means and means what it says: the statute of limitations runs from &lsquo;the date on which the violation occurs,&rsquo;&rdquo; the Court reasoned.</p> <p>In Klemm, the plaintiff alleged that the defendant law firm filed a collection suit that constituted a violation of the FDCPA.&nbsp;Because the plaintiff had moved, and someone else had accepted service on his behalf at the former address, plaintiff claimed that he was not aware of the collection action until years later.&nbsp;On June 29, 2015, the plaintiff sued the defendant law firm and others, alleging that the debt collection lawsuit violated the FDCPA for various reasons.&nbsp;Defendants moved to dismiss Rotkiske&rsquo;s FDCPA claim on the basis that the action was time-barred, and the United States District Court for the Eastern District of Pennsylvania granted dismissal of the action on that basis.</p> <p>On appeal, the plaintiff argued, in line with the Fourth and Ninth Circuit positions, that the statute was tolled until he did, or reasonably should have, discovered the wrongful collection action. Adopting the district court&rsquo;s textualist approach, the Third Circuit Court of Appeals upheld the dismissal, respectfully rejecting the statutory interpretation of the other two circuits on this subject. It is important to note, however, that the Court reinforced the exception of equitable tolling where the defendant&rsquo;s own fraudulent or misleading conduct concealed the facts that would have permitted the plaintiff to discover the FDCPA violation.</p> <p>&nbsp;</p> <p>The opinion of the Third Circuit Court of Appeals may be accessed <a href="">here. </a>&nbsp;</p>