In just 2 short weeks, the first round of Paycheck Protection Program (“PPP”) funding under the CARES Act was exhausted. And it is not difficult to see why – after all, so long as the employer receiving those funds uses at least 75% of the loan proceeds for payroll costs during the eight-week covered period, the loan amount allocated toward each of the following expenses can be forgiven:
- Payroll costs
- Payment of interest on covered mortgage obligations
- Payment on any covered rent obligations, and
- Covered utility payments.
But many small businesses have expressed frustrations about the loan process and lack of access to funding. Adding to those frustrations are the growing reports of not-so-small businesses, or companies with access to other financing, receiving loans and exhausting available funding.
With many parts of the country either closed down or reopening in phases, now is still the time to take advantage of PPP loans. Some tips for small businesses considering applying for a PPP loan are provided below:
- Act swiftly and decisively. The application period is open through June 30, 2020, but since these loans are given on a first-come, first-served basis, it is best to apply as quickly as possible.
- Even if you already submitted an application during the first round of PPP loans, be vigilant in communicating with your lender.If you have not received an approval or denial, stay in frequent contact with your lender in order to ensure that your application packet is complete and that additional information is not needed. If your lender asks for additional documentation, make that a first priority and get it promptly submitted in order to ensure you have the best chance at receiving funds.
- Try working with smaller local banks and community lenders. Most people have learned by now that working with a bank with whom you have an established relationship can give you priority in the PPP Loan application process. But if you have not had luck in this regard, consider working with a new community-based lender for a better chance at receiving funding –local business tends to sympathize and collaborate with other local business.
- What if my business is in a high-turnover industry? While the PPP loan program seems like a “no-brainer” for many businesses, some high-turnover industries may worry about whether or not they can maintain the appropriate headcount in order for most or all of their loan to be forgiven. This can be especially concerning, given the short two-year maturity period on PPP loans for unforgiven portions. The Amount of forgiveness is determined by multiplying the base forgiveness amount by one of the following fractions, to be selected by the borrower:
(Average # of full-time employees per month employed during covered period)
(Ave. # of full-time employees per month employed from Feb. 15, 2019 – June 30, 2019)
(Average # of full-time employees per month employed during covered period)
(Ave. # of full-time employees per month employed during January and February of 2020)
Small business owners who are not confident in employee retention are well-advised to use loan proceeds only for payroll costs and to keep any remaining funds on hand, where possible, in case some repayment is required. And since the CARES Act does not appear to make a distinction between employees who are let go versus those who leave voluntarily, job vacancies should be filled during the covered period to the extent possible. The PPP loan program does carry some risk for high-turnover industries but given that a personal guarantor or collateral is not required, the program is still less risky than traditional loans in most circumstances.
The full text of the CARES Act is available here. Sections 1102 and 1106 provide specific guidance regarding the PPP Loan program and PPP loan forgiveness.
The movement to challenge the constitutionality of the Consumer Financial Protection Bureau (“CFPB”) was given life through the PHH Mortgage case, and then seemingly was left without a pulse after the PHH Mortgage en banc hearing. But in Seila Law, LLC v. CFPB, No. 19-7 (U.S.), the argument that the CFPB’s structure is unconstitutional was resurrected, and it has survived all the way to the Supreme Court of the United States. Today, the High Court heard oral argument from the parties.
It is not often that creditors and debt-relief agencies share the same legal argument in similar cases. However, the argument asserted by Seila Law (a consumer debt relief firm) in the case currently before the Supreme Court, PHH Mortgage, a mortgage servicer, are one and the same. Both entities were originally the subject of CFPB enforcement actions. And both argued in defense that the CFPB’s structure violates the Separation of Powers Clause of the United States Constitution, due to its single-director, terminable-only-for-cause structure. More information about the original PHH Mortgage holding, which was reversed by the D.C. Circuit court en banc, is discussed in our previous post.
A second prong has been added to the unconstitutionality argument in Seila: The Supreme Court must first decide whether the structure of the CFPB is constitutional. If the Court finds it is not, then the Court must decide whether the relevant portions of the Dodd-Frank Act, creating its current structure, may be severed from the rest of the Dodd-Frank Act. In other words, is it necessary to abolish the CFPB altogether in the event its structure is unconstitutional, or may the agency itself be preserved with a more balanced model?
Interestingly, one Supreme Court Justice has already rendered an opinion on the first argument. It so happens that Justice Brett Kavanaugh was sitting on the D.C. Circuit at the time of the original PHH holding, as well as when the en banc Court overturned the original PHH decision. In his dissent to the latter, Justice Kavanaugh stated that the CFPB’s unchecked powers violate the constitution, where the director’s power is “massive in scope, concentrated in a single person, and unaccountable to the President.” Justice Kavanaugh did not recuse himself from the current proceedings, despite critics’ insistence that he do so due to his history with the PHH case.
Kavanaugh’s comments during argument today have reportedly echoed his prior opinions. Chief Justice John Roberts is considered the potential swing vote in this case, and his questions during today’s argument were directed toward both sides.
It is highly unlikely that the Supreme Court will hold that the CFPB should be dismantled altogether. The Trump administration has even softened its position on this issue since President Trump was first campaigning. But for the first time since its creation, there is a real possibility that the structure of the agency will be put into check.
In August we reported on the challenges that financial institutions face in Missouri now that medical cannabis use is permitted, and we suggested that the SAFE Banking Act of 2019, H.R. 1595, would provide a much-needed safe harbor for banks handling cannabis money.
Although there was doubt even a month ago that the SAFE Banking Act would pass, the bill was approved by 321-103, far more than the required 2/3 majority to pass through the House.
The SAFE Banking Act is unique in that it draws both praise and objection from each side of the legislative aisle. While some Republicans support the bill due to its benefit to commerce and the financial services industry, other more socially conservative legislators refuse to support the bill because marijuana remains illegal under federal law, and some believe marijuana to be dangerous.
Conversely, while the bill has garnered some Democratic support due to its progress toward future decriminalization of marijuana and scaling back the war on drugs, others simply do not want to give more power or leniency to financial institutions.
This dichotomy of perspectives even within each party makes it difficult to predict how the SAFE Banking Act will fare in the Senate. But, there is no doubt that Missouri financial institutions would benefit from its passage, and proponents of the bill continue to push hard for it to be put into law.
As a reminder, the SAFE Banking Act would not change the status of cannabis as a Schedule I controlled substance under federal law. But it would permit financial entities to provide checking and savings accounts, credit cards, loans, and other financial products to marijuana-related businesses, and it would also prohibit the feds from seizing assets or taking punitive action against those banking institutions.
We will continue to monitor the status of this legislation.
Now That Missouri is Accepting Marijuana-related Business Licensure Applications, What is the Plan for the Other Green Stuff?August 2, 2019 | Megan Stumph-Turner
From now until August 17, 2019, Missouri entities may apply for a license to cultivate, dispense, manufacture, test, and transport marijuana, pursuant to last year’s passage of Amendment 2, permitting marijuana use for serious medical conditions. A cloudy haze remains, however, over how financial institutions doing business with marijuana-related businesses (“MRBs”) will be governed.
As most are aware, while cannabis is now legal in some form or fashion in more than 30 states as well as D.C., cannabis manufacture and use is still prohibited by federal law. Consequently, handling of proceeds from MRBs is considered money laundering, and financial institutions are required to submit Suspicious Activity Reports (“SARs”) with FinCEN when certain red flags are raised in relation to suspected cannabis business.
The SAFE Banking Act of 2019, H.R. 1595, would provide a safe harbor for financial institutions handling MRB money while the legality of cannabis continues to be debated at the federal level. More specifically, the SAFE Banking Act would prevent federal regulators from interfering with relationships between financial institutions and MRBs in states where cannabis is legal, and it would allow MRBs to access traditional banking services without threat of seizure or prosecution. The bill, if passed, would not change the status of cannabis as a Schedule 1 controlled substance.
In recent weeks, several Missouri credit unions and banks have joined together to urge passage of the SAFE Banking Act, in anticipation of this month’s open application process. Unfortunately, there is not much confidence that it will be passed.So, how much money are we talking about? Last year, cannabis reportedly generated over $8 billion. The revenues are expected to triple over the next 5 years. Even though Missouri’s share will be a fraction of anticipated revenues, that’s still going to be a whole lot of green. Now, Missouri financial institutions and prospective MRBs will remain in the sticky situation of figuring out what to do with all of it.
Compliance Check for Financial Institutions: Is Your Website ‘Accessible' to those with Disabilities?June 10, 2019 | Megan Stumph-Turner
What do Amazon, Domino’s, and Beyoncé have in common? Their websites have all have been the subject of high profile lawsuits alleging failure to comply with the Americans with Disabilities Act of 1990 (the “ADA”). Your financial institution could be, too, if it has not taken measures to ensure its website is ADA compliant.
We most often associate the ADA with physical limitations of brick and mortar buildings. But in recent years, several courts have extended the protections of the ADA to customers using websites in times where we conduct most of our business online. The relevant portion of the ADA provides that “No individual shall be discriminated against on the basis of disability in the full and equal enjoyment of the goods, services, facilities, privileges, advantages, or accommodations of any place of public accommodation by any person who owns, leases (or leases to) or operates a place of public accommodation.” 42 U.S.C. §12182(a). Even though the ADA has not been amended to specifically address websites, several courts have held that the ADA applies to website accessibility, whether by nexus to a physical location or by the website’s public nature.
There is currently a split among the circuits as to whether or not a website falls under the scope of the ADA, but recent cases show a tilt in favor of holding that websites are either places of public accommodation in their own right, or have a sufficient nexus to services provided out of a brick and mortar location to fall under the ADA. In one of the more recent cases, the Ninth Circuit Court of Appeals held that an ADA lawsuit could proceed against Domino’s for alleged failure to comply with appropriate accessibility standards for its website. The Court reasoned, “The statute applies to the services of a place of public accommodation, not services in a place of public accommodation. To limit the ADA to discrimination in the provision of services occurring on the premises of a public accommodation would contradict the plain language of the statute.” Domino’s had not established that compliance would be an undue burden or would materially alter its business, such that the ADA claim was permissible.
While ADA website litigation is not altogether new, it has gained traction in the past couple of years. Financial Services Litigators are closely monitoring these cases across the country and expect these filings against banks and credit unions to increase, due to increasing popularity of, and reliance upon, online banking by customers. Financial institutions are encouraged to ensure their websites comply with the current industry standard for accessibility, as well as state-level requirements. In evaluating its website, a financial institution should ask these questions:
- Is the website “perceivable”? Does it:
- Provide text alternatives for non-text content
- Provide captions and other alternatives for multimedia
- Create content that can be presented in different ways
- including by assistive technologies, without losing meaning
- Make it easier for users to see and hear content
- Is the website “operable”? Does it:
- Make all functionality available from a keyboard
- Give users enough time to read and use content
- Avoid content that causes seizures
- Help users navigate and find content
- Is the website “Understandable”? Does it:
- Make text readable and understandable
- Make content appear and operate in predictable ways
- Help users avoid and correct mistakes
- Is the website “Robust”? Does it:
- Maximize compatibility with current and future user tools.
The Eighth and Tenth Circuits have not yet issued rulings applicable to this topic. We will continue to monitor for new cases and provide updates.
Earlier this month, the CFPB took one of its first substantial steps under new leadership, with a Notice of Proposed Rulemaking seeking to rescind the underwriting requirements of the Bureau’s 2017 Final Rule regarding payday loans, vehicle title loans, and high-cost installment loans (the “2017 Payday Loan Rule”). Signed by new director Kathy Kraninger and published on February 6, this proposal is open for comment through May 7, 2019.
This recent proposal seeks to eliminate the “identification” provision in the 2017 Payday Loan Rule that makes it an unfair and abusive practice for lenders to make these types of loans without making a reasonable determination that the customer will have the ability to repay those loans. The new proposed rule also seeks to remove the “prevention” provision, which set forth certain underwriting guidelines that lenders were going to be required to use in an effort to prevent loans from issuing to borrowers not reasonably likely to be able to repay. Also subject to elimination were new recordkeeping and reporting requirements promulgated by the 2017 Rule. Director Kraninger’s new proposal did not seek to remove any of the new payment policies put into effect by the 2017 Rule.
In its Notice, the CFPB reasoned that there was not sufficient evidence to support the 2017 Rule, particularly where the 2017 Rule would prevent many consumers from accessing credit when needed. The CFPB also noted that most states have some degree of regulation in place as to payday loans, with varying levels of oversight and intricacy. To impose an additional federal, uniform requirement over the industry, it maintains, would be overly burdensome to both lenders and consumers seeking credit.
The CFPB acknowledged that, in response to the original proposed 2017 Payday Loan Rule, it received a substantial number of comments from those who observed undesirable consequences from payday lending. However, those comments were far outnumbered by those from consumers who reported that payday loans, title loans, and other applicable products had been a necessary tool for survival in hard times where no other financing was available due to poor or nonexistent credit history.
In the alternative, the CFPB also proposed that enforcement of the 2017 Payday Loan Rule underwriting requirements be delayed due to massive overhaul in technology and training payday lenders would have to undergo in order to meet these underwriting requirements.
Director Kraninger has welcomed comment on all sides regarding this proposal, but it seems likely at this point that the anticipated underwriting requirements of the 2017 Rule will not be implemented or enforced.
The Notice of Proposed Rulemaking to rescind the underwriting requirements may be found here. BSCR will continue to monitor until a final rule is issued.
It is well known to financial services practitioners that a “debt collector” under the FDCPA is prohibited from using false or misleading information in furtherance of collecting a debt, and that a debt collector is liable for the claimant’s attorneys’ fees for such a violation. But a recent decision out of the Fifth Circuit serves as a worthwhile reminder that the conduct of a party and its counsel, as well as reasonableness of the fees, matters in considering whether or not to grant recovery of fees.
In Davis v. Credit Bureau of the South, the defendant’s name alone reveals a violation of 15 U.S.C. §§ 1692e(10), (16), as it had ceased to be a credit reporting agency years before it attempted to collect a past due utility debt from Ms. Davis under that name. Cross motions for summary judgment were filed, and the Court found that the defendant was liable for statutory damages under the FDCPA for inaccurately holding itself out as a credit reporting agency.
Subsequently, Davis’ attorneys filed a motion for recovery of their fees, relying upon 15 U.S.C. § 1692k(a)(3), which states that a debt collector who violates these provisions of the FDCPA “is liable [ . . . ] [for] the costs of the action, together with reasonable attorneys’ fees as determined by the court.” The motion sought recovery of fees in the amount of $130,410.00 based upon on hourly rate of $450.00. The trial court was, as it held, “stunned” by the request for fees and denied the motion. For its holding, the court cited to the fact that there was disposed of by summary judgment with a Fifth Circuit case directly on point, and that there were substantial duplicative and excessive fees charged by Plaintiff’s multiple counsel. The trial court also characterized the rate of $450.00 as excessive in light of the relative level of difficulty of the case and the fact that the pleadings were “replete with grammatical errors, formatting issues, and improper citations.” From this order, Davis appealed.
In its holding, the Fifth Circuit recognized that the FDCPA’s express language, and several other circuit holdings, suggest that attorneys’ fees to a prevailing claimant are mandatory. However, the Court relied upon other circuits that have permitted “outright denial” (as opposed to a mere reduction) of attorney’s fees for FDCPA claims in “unusual circumstances,” as well as other Fifth Circuit cases with similar conduct under other statutes containing mandatory attorney fee recovery, to deny recovery of fees altogether. The Court found there was extreme, outrageous conduct that precluded recovery of fees, where the record showed Davis and her counsel had colluded to create the facts giving rise to the action. For instance, Ms. Davis misrepresented that she was a citizen of Texas rather than Louisiana in order to cause the defendant to mail a collection letter, thus “engaging in debt collection activities in the state of Texas.” Furthermore, Davis and her counsel made repeated, recorded phone calls to the defendant asking repetitive questions in order to generate fees. While the FDCPA’s fee recovery provision was intended to deter bad conduct by debt collectors, the Fifth Circuit found it was even more important in this case to deter the bad conduct of counsel.
The Davis opinion may be found here and is a cautionary tale that attorneys’ fees, as well as behavior throughout a case, may be held under the microscope, even where the law suggests that fees are recoverable as a matter of right.
House Financial Services Committee introduces bill to provide uniform reporting standards in the event of data breachesOctober 17, 2018 | Megan Stumph-Turner
In the spirit of National Cybersecurity Awareness Month, BSCR reports that Rep. Luetkemeyer of Missouri introduced H.R. 6743, a measure aimed at amending the Gramm-Leach-Bliley Act to provide a national uniform standard for addressing cyber security data breaches. The bill has already made some traction, as it was ordered by vote to be reported to committee last month.
Some key amendments would be to revise the following two sections of the GLBA:
Standards with respect to breach notification
Each agency or authority required to establish standards described under subsection (b)(3) with respect to the provision of a breach notice shall establish the standards with respect to such notice that are contained in the interpretive guidance issued by the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of Thrift Supervision titled Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice, published March 29, 2005 (70 Fed. Reg. 15736), and for a financial institution that is not a bank, such standards shall be applied to the institution as if the institution was a bank to the extent appropriate and practicable.
Relation to State laws
This subtitle preempts any law, rule, regulation, requirement, standard, or other provision having the force and effect of law of any State, or political subdivision of a State, with respect to securing personal information from unauthorized access or acquisition, including notification of unauthorized access or acquisition of data.
The full text of the proposed amendments can be found at this link.
It is this second provision that is troubling some state-level authorities. In a letter to Chairman Hensarling, John W. Ryan, the President and CEO of the Conference of State Bank Supervisors (CSBS) expressed concern on behalf of state regulators that the bill, if enacted into law, could hurt efforts to protect consumers more than help. Arguing that the GLBA and state privacy laws already provide sufficient guidance for cyber breach events, Mr. Ryan contends that H.R. 6743 would actually undermine state consumer protection laws, and that it would undermine the authority of state attorneys general and other authorities to enforce reporting requirements.
BSCR will continue to monitor the status of H.R. 6743, and our Financial Services Law Blog will keep the community posted as to pertinent events.
A cyber thief was able to trick AT&T into providing Michael Terpin’s account information, enabling that thief to make off with nearly $24 million in cryptocurrency belonging to Terpin, according to a complaint filed in the U.S. District Court for the District of California in Los Angeles.
In the lawsuit, among other things, Terpin alleges that AT&T was negligent in failing to protect its customers’ private data, and that it willfully disregarded unlawful transactions between AT&T employees and cyber thieves. Terpin claims that his digital currency was lost due to a “SIM swap fraud,” where the customer’s phone number is transferred to a SIM card operated by a hacker, who then resets the customer’s passwords and logs into their accounts in order to obtain confidential data and access to assets. Terpin believes that an AT&T employee cooperated in the swap that caused him to lose digital coins that would have been valued at $23.8 million in January of 2018, during a time where the value of the bitcoin was soaring, as previously reported by the BSCR financial services law blog. Because he has been publicly involved in cryptocurrency enterprises, Terpin was a prime target for cyber thieves.
AT&T has responded to the complaint publicly, stating, “We dispute these allegations and look forward to presenting our case in court.” Terpin, though, alleges that the telecommunications juggernaut has simply become “too big to care,” prioritizing expansion and acquisition over investing in hiring qualified professionals, providing ongoing training, or investing in systems that would better protect customer data.
While it remains to be seen what the outcome of this litigation will be, this lawsuit serves as a cautionary tale to any large institution that possesses sensitive online account data of its customers. These institutions would be well advised to look into their hiring and training procedures, as well as to consider implementing secure storage systems, in order to curtail future liability. BSCR will continue to monitor this litigation and will provide updates as milestones occur in the case.
An action filed in the United States District Court for the Western District of Missouri culminated after four years with a consent order that is catching attention due to its unusually small civil penalty, particularly in light of the severity of the conduct being penalized.
Richard Moseley Sr. and others, as well as a multitude of LLCs operating under his control (the “Defendants”), reached a consent judgment in the amount of $69,623,528, representing the amount of Defendants’ ill-gotten gains from their illegal payday lending scheme. But, in that same order, execution of the judgment was suspended upon certain conditions, including the following: (1) that Defendants agree not to participate in any further lending or financial services activities, (2) that they permit the CFPB to work with the Department of Justice to use funds from their bank accounts seized in a separate criminal action, and (3) that they each pay a civil penalty of just one dollar.
This anemic civil penalty was figured based upon affidavits and documents Defendants provided to the Bureau showing their lack of ability to pay the judgment amount, or apparently even a small fraction of it.
The consent order follows the recent criminal conviction of Moseley in the Southern District of New York for conspiracy, collection of unlawful debts, wire fraud, aggravated identity theft, and false disclosures under TILA. Among other things, Moseley and others charged illegally high interest rates, approaching 1,000 percent, on payday loans, took sensitive banking information of prospective customers who had not signed a contract for the loan and withdrew money from their accounts, and falsely reported that his businesses were based in other countries when they were actually operating in the Kansas City area.
Today, President Trump signed into law S. 2155, The Economic Growth, Regulatory Relief and Consumer Protection Act. In doing so, President Trump stated, “the legislation I'm signing today rolls back the crippling Dodd-Frank regulations that are crushing small banks.”
In response to the new law, community lenders across the nation rejoice. On behalf of Independent Community Bankers of America (the “ICBA”), President and CEO Rebeca Romero Rainey issued a statement that the “landmark law signed by the president today unravels many of the suffocating regulatory burdens our nation’s community banks face and puts community banks in a much better position to unleash their full economic potential to the benefit of their customers and communities.”
Some of those regulations include stringent ability-to-repay evaluations, record retention requirements, reporting to regulators, and stress-testing under the authority of the Federal Reserve to determine the ability to withstand a financial crisis. Smaller banks and credit unions reportedly found these regulations to be unduly burdensome for them, given their relative size and resources for compliance. Perhaps the best evidence of this argument is the nearly 2,000 community financial institutions that ceased operations after the Dodd–Frank Wall Street Reform and Consumer Protection Act was enacted in 2010.
Critics of the Act, however, argue that the Act goes too far in deregulation. According to some, decision to raise the “enhanced oversight” threshold from those banks with $50 billion or more in assets, to those with at least $250 billion, was too severe, and that such a large rollback in regulation could lead to the next major financial crisis in America. Indeed, the Act provides a new standard for “too big to fail” that excludes nearly two dozen banks that were previously considered to be systematically important financial institutions.
Only time will tell the impact of this new legislation, but The Economic Growth, Regulatory Relief and Consumer Protection Act is being hailed as a win for Main Street by many.BSCR previously posted about S. 2155 when it was first expected to pass in the Senate and has continued to monitor the bill’s progress. The full text of the new law may be found here.
In an en banc opinion issued yesterday, the Third Circuit Court of Appeals upheld the district court’s holding that the statute of limitations period for an alleged violation of the Fair Debt Collection Practices Act (the “FDCPA”), 15 U.S.C. § 1692, et seq., began to run on the date the alleged violation occurred, regardless of when the claimant did, or should have, discovered the violation.
This precedential holding in Rotkiske v. Klemm, et al., represents a new deviation from both the Fourth and the Ninth Circuit Courts of Appeal, who have held that the statute of limitations would not begin to run until the date of discovery of the purported violation. “In our view, the Act [FDCPA] says what it means and means what it says: the statute of limitations runs from ‘the date on which the violation occurs,’” the Court reasoned.
In Klemm, the plaintiff alleged that the defendant law firm filed a collection suit that constituted a violation of the FDCPA. Because the plaintiff had moved, and someone else had accepted service on his behalf at the former address, plaintiff claimed that he was not aware of the collection action until years later. On June 29, 2015, the plaintiff sued the defendant law firm and others, alleging that the debt collection lawsuit violated the FDCPA for various reasons. Defendants moved to dismiss Rotkiske’s FDCPA claim on the basis that the action was time-barred, and the United States District Court for the Eastern District of Pennsylvania granted dismissal of the action on that basis.
On appeal, the plaintiff argued, in line with the Fourth and Ninth Circuit positions, that the statute was tolled until he did, or reasonably should have, discovered the wrongful collection action. Adopting the district court’s textualist approach, the Third Circuit Court of Appeals upheld the dismissal, respectfully rejecting the statutory interpretation of the other two circuits on this subject. It is important to note, however, that the Court reinforced the exception of equitable tolling where the defendant’s own fraudulent or misleading conduct concealed the facts that would have permitted the plaintiff to discover the FDCPA violation.
The opinion of the Third Circuit Court of Appeals may be accessed here.
Following unsuccessful attempts to overhaul Dodd-Frank through varied iterations of the Financial CHOICE Act, the Senate is expected to vote in the immediate future on the “Economic Growth, Regulatory Relief, and Consumer Protection Act” (S. 2155).
The bill is sponsored by Idaho senator Michael Crapo (R), and it includes revisions to the Truth in Lending Act (“TILA”), the Bank Holding Company Act, the Volcker Rule, and the United States Housing Act, among others. As part of its bipartisan appeal, the proposed law also includes new protections for consumers to prevent identity theft and cybersecurity breaches, as well as relief for from private student loan debt.
If passed, this act would relieve relatively smaller banks from some of the burdens imposed by heightened regulations, such as ability-to-repay evaluations, record retention, reporting to regulators, and stress-testing. Dodd-Frank requires those banks with more than $50 million in assets, representing roughly the 40 largest banks, to follow the most stringent protocol, while the new bill would raise that tipping point to $250 billion in assets, or the top 12 banks.
Mortgage origination would be impacted as well. The bill creates somewhat of an incentive for lenders to hold on to the mortgages they originate, as it exempts them from the strict underwriting standards of Dodd-Frank if the lender continues to service and hold the loan. Furthermore, banks that originate less than 500 mortgages a year would have relaxed reporting requirements for racial and income data.
Touted as maintaining necessary protections of Dodd-Frank while providing much-needed relief to small and regional banks, the bill represents the first major bipartisan effort to reform financial regulation in recent history, with 20 co-sponsors from both major parties. Although there has been some difficulty in determining which amendments will be accepted and rejected, it is expected to pass at some point. The bill will face a challenge, however, if it proceeds to the House, as House Republicans have already indicated that, in its current form, the bill does not go far enough to undo Dodd-Frank.
The full text of S. 2155, as well as the bill’s progress, may be tracked here.
He now leads the Consumer Financial Protection Bureau (the “CFPB”) – the very organization he once called a “sad, sick joke.” But acting director Mick Mulvaney assures the public that he has no intention to burn it down, and that the CFPB will continue enforcing consumer protection laws.
2017 ended with former CFPB Director Richard Cordray stepping down from his post, so that he could pursue his candidacy for Governor in Ohio. Mulvaney was subsequently appointed by President Trump as interim director, and he will continue in this role until a permanent replacement is appointed by the Senate.
Mulvaney issued a memo last week stating his intentions with respect to how the CFPB would change under his leadership. He focused on the language of his predecessor, Cordray, who publicly described the CFPB during his tenure as “pushing the envelope” in its fight to protect consumers from unscrupulous practices of lenders and other businesses. Contrarily, Mulvaney reasoned that the CFPB works for all people, including “those who use credit cards, and those who provide the cards; those who take loans, and those who make them; those who buy cars, and those who sell them.”
That, it seems, could be the most significant change in tune from the Cordray to the Mulvaney era. Since its inception, we have seen the CFPB’s one-sided focus on protecting the consumer; after all, that is the “C” in “CFPB,” and the assumption was that business can take care of itself. Now, we see a new perspective – that banks, creditors, and merchants are people in need of protection under the law, because they are comprised of people.
Mulvaney further assured that the CFPB would strive to protect consumers from unavoidable harm but would not “look for lawsuits to file,” and that the CFPB would no longer engage in the unpredictable practice of regulation by enforcement.
We already have the first concrete examples of the CFPB policy shift. Earlier this month, the CFPB issued a statement that the Bureau intends to engage in a rulemaking process so that it may reconsider the Payday Rule, which if it went into effect, would place the onus on payday lenders to determine the borrower’s ability to repay before making the loan. Just two days later, the CFPB dismissed a lawsuit that it had filed last year in Kansas federal court against four payday lending companies.
The CFPB has also invited industry personnel and attorneys to comment on the Civil Investigative Demand process, recognizing that many in the financial services industry felt their critiques about the enforcement process were disregarded or ignored in the past.
The full content of Mulvaney’s memo concerning the CFPB policy shift may be found here.
Its exact origins are somewhat of a mystery, but it is believed that Satoshi Nakamoto, perhaps a pseudonym for more than one creator, first developed the concept of the bitcoin in 2007. In October of 2008, “Nakamoto” published his first paper describing the peer-to-peer, online-based cash system. The first Bitcoin transaction occurred in early 2009, and since then, the cryptocurrency market has exploded, and now major retailers, including Overstock.com, Microsoft, Dish Network, Etsy, Expedia, and even Subway have begun accepting Bitcoin for transactions in some capacity. And its value has catapulted, now exceeding $11,000 USD.
But what’s on the other side of the coin? First, Bitcoin users can make anonymous transfers, which lends itself well to criminal, underground activity. Likewise, a virtually unregulated market leaves Bitcoin transactions subject to a high risk of fraud, with no recourse for jilted consumers. While some individual U.S. states have introduced legislation attempting to regulate cryptocurrency, the federal government has not, leaving the environment unstable.
Furthermore, the exponential increase in its value and lack of regulation leaves many experts wondering if this Bitcoin craze is just a bubble, only to be followed by a crash.
While cryptocurrency faces skepticism, the blockchain technology used to effectuate Bitcoin transfers has earned much praise as an alternative for future banking systems, particularly in expediting international payments. And in light of this year’s highly publicized data breaches, financial institutions may be well advised to explore the use of blockchain technology to prevent public dissemination of sensitive information, as it is touted for its resilient data protection capabilities.
Financial institutions in particular have been wary about the growing popularity of the Bitcoin. Jamie Dimon, CEO of JPMorgan Chase Bank, issued a statement questioning its legitimacy. “It’s just not a real thing, eventually it will be closed,” said Dimon, who further threatened to “fire in a second” any JPMorgan trader who attempted to trade Bitcoin. The Bank’s CFO, Marianne Lake, shortly thereafter qualified Dimon’s statements, avowing that JPMorgan remains “ very open minded to the potential use cases in future for digital currencies that are properly controlled and regulated.” This sentiment reflects that held by many institutions – most are open to the idea of a new type of currency, but are reluctant to engage until the currency is widely regulated.
Regulating the Bitcoin presents several challenges. For one thing, while Bitcoin transcends borders, there is no uniformity among nations, or even states in the U.S., about how it should be treated or regulated. Furthermore, there is inconsistency among legislators and the judiciary about whether Bitcoin is a currency or a commodity, thus making legislation difficult to draft. Even so, the SEC has recently expressed its intent to begin regulating the sale of Bitcoin and other cryptocurrency.
Fad or not, the Bitcoin is sure to be a continued hot topic internationally among regulators and financial institution in the coming months.
It ended before it ever began. As reported in a prior post, in July of 2017, the Consumer Financial Protection Bureau (the “CFPB”) enacted a new rule that would have prohibited financial institutions from including arbitration provisions in their contracts with customers wherein the customers waived their right to bring class action litigation against the creditor. The new rule was set to take effect in early 2018.
Not under our watch, said the United States Senate. Promptly following the CFPB’s issuance of the new arbitration rule, Sen. Mike Crapo of Indiana introduced S.J.Res.47, “Providing for congressional disapproval under chapter 8 of title 5, United States Code, of the rule submitted by Bureau of Consumer Financial Protection relating to “Arbitration Agreements.” The resolution required only a simple majority vote to be enacted into law. Indeed, the resolution came down to a 51-50 vote, with Vice President Mike Pence breaking the tie.
The CFPB rule was designed with the intention of protecting consumers from an unknowing waiver of their right to pursue legal remedies, such as class action litigation. Research revealed that 3 out of 4 consumers who had entered into such arbitration clauses in their loan agreements were not aware they had done so.
Critics of the arbitration rule have maintained that the rule is a violation of individuals’ freedom to contract – after all, the consumer arguably could choose not to do business with that lender if unhappy with the terms of the agreement. Furthermore, many observed that the only parties who stood to benefit from the prohibition of class action waivers are the plaintiff’s attorneys representing consumers, and not the consumers themselves, since individual payouts from class litigation are often nominal.
Responding to the Senate’s vote to overturn the arbitration rule, CFPB Director Richard Cordray called the decision a “giant setback for every consumer in this country” and predicted that financial institutions would now “remain free to break the law without fear of legal blowback from their customers.”
Conversely, the Trump Administration commended the result of the Senate’s Vote, in a statement released shortly thereafter: "By repealing this rule, Congress is standing up for everyday consumers and community banks and credit unions, instead of the trial lawyers, who would have benefited the most from the CFPB’s uninformed and ineffective policy.”
So, while these consumer credit arbitration clauses will likely remain a controversial topic for years to come, the rule intended to get rid of them has instead been extinguished.
Almost immediately upon announcement of the Equifax data breach, the plaintiff’s bar speedily initiated class litigation on behalf of consumers for purported failures by Equifax to protect its customer data. For instance, just one day after the breach became public knowledge, a multi-billion dollar class action suit was filed in Portland, Oregon.
We can undoubtedly expect to see more class action litigation crop up, as it has consistently on a daily basis since announcement of the breach. Nevertheless, the threat to Equifax does not stop at private litigation. Several state attorneys general have already announced plans to investigate the breach.
While the timeframe permitted to disclose a data breach varies from state to state, most states do have a requirement that the data breach be disclosed by the soonest reasonable date possible. The delay by Equifax in announcing the breach will certainly serve as the basis for many state-level investigations and penalties. It is reported that the breach occurred as early as May 2017, was discovered by Equifax in July 2017, but was not reported until September 7.
Several state attorneys general, including: Tom Miller, Iowa; Derek Schmidt, Kansas; Joshua Hawley, Missouri; and Douglas Peterson, Nebraska, have joined in a letter to Equifax expressing their concerns with the manner in which Equifax has handled the breach, thus far. Those concerns include many having to do with customer service and accessibility to information.
In particular, though, the state attorneys general have taken issue with Equifax reportedly requiring consumers to enter into mandatory arbitration agreements or pay fees for credit monitoring services that are otherwise available for free to the public. The letter states, “The fact that Equifax’s own conduct created the need for these services demands that they be offered to consumers without tying the offer to complicated terms of service that may require them to forego certain rights,” and “We remain concerned that Equifax continues to market its fee-based services to consumers affected by its data breach.”
The letter in its entirety is available here.
In excess of 143 million consumers’ personal information may have been compromised, and a software flaw is reported to be the cause. The compromised information includes names, dates of birth, addresses, social security numbers, credit card numbers, and even driver’s license numbers. Experts report that the number of affected consumers will likely increase as time passes.
Earlier this month, the Eighth Circuit Court of Appeals overturned the lower court’s decision in a case that involved a dispute over whether the Railroad Retirement Tax Act (RRTA) requires a railroad to pay taxes upon issuing stock as compensation to employees.
In an opinion mirroring, and even explicitly referencing, the textualist sentiment of Justice Gorsuch’s opinion in Hensen v. Santander, the Eight Circuit addressed the parties’ respective positions as to what the words “money” and “compensation” mean in the context of the RRTA. While the federal government argued that “money” has a broad and sometimes intangible meaning, Union Pacific maintained that “money” must refer to a “medium of exchange” – i.e., something tangible and of value that may be given in exchange for goods or services. The Eighth Circuit found Union Pacific’s reading of the text to be more compelling than the government’s.
In its discussion, the Court further distinguished the RRTA from FICA, which includes a more all-encompassing definition for compensation subject to taxation. The Court explained that, since the RRTA and FICA’s predecessor were drafted during the same time period, any difference or distinction between each law’s definition of compensation must have been intentional.
It is certainly worth noting that the Eighth Circuit referenced and rejected a recent holding by the Seventh Circuit in Wisconsin Cent Holding v. United States that stock may be considered “money remuneration” that is tantamount to cash, reasoning that “one cannot pay for produce at the local grocery store with stock.”
The Eighth Circuit also reversed the lower court’s decision concerning ratification payments made pursuant to a union’s collective bargaining agreements, because those payments were not made pursuant to “employment” of the individual by Union Pacific.
With that, the Eighth Circuit completely reversed the summary judgment rulings previously entered in favor of the United States and against Union Pacific, thus entitling Union Pacific to a $75 million refund for taxes paid over the course of 10 years on stock compensation and ratification payments.
The full text of the Eight Circuit’s opinion is available here.
In an effort to afford consumers with greater accessibility to the courtroom, the Consumer Financial Protection Bureau (the “CFPB”) has enacted a new rule that, while it does not ban arbitration clauses outright, does substantially limit a financial institution’s right to mandatory arbitration provisions. Specifically, the new rule prohibits financial institutions and consumers from contracting to waive the consumer’s right to join in class action lawsuits with other consumers against that entity.
The arbitration rule was preceded by a CFPB study, spanning several years, of the prevalence and impact of arbitration clauses in consumer financial contracts. One of the chief concerns of the CFPB is the plain ignorance of consumers with respect to arbitration clauses contained within consumer contracts. According to the study, more than half of credit card and checking account agreements contain mandatory arbitration provisions. Yet, 3 out of 4 of consumers who entered into agreements with such arbitration clauses were not aware that they had done so.
CFPB Director Richard Cordray, in his public statement regarding the new rule, further justified the rule on the basis that class action lawsuits are more effective in curbing unsavory lending and servicing practices than arbitration, as the penalties and damages imposed in class action litigation vastly exceed those assessed in arbitration.
In addition to restricting arbitration provisions, the new rule requires financial institutions to report the results of arbitration to the Bureau so that the results may be assessed for fairness and effectiveness. It is important to note that the rule only applies to new contracts between consumers and financial institutions, and not those already in effect.
Predictably, commentators and critics have already observed that the new arbitration rule truly stands to benefit the plaintiff’s class action bar, rather than the consumers being represented in class action litigation. Some also view the arbitration rule as an unjust infringement of the freedom to contract with no rational basis under the law. Legal challenges to the new arbitration rule in the coming months are unquestionably imminent. The new arbitration rule may be found here.
Ponzi Schemes and Bankers: Eighth Circuit Upholds Bank's Right To Presume A Fiduciary Is Acting Lawfully Under Missouri's Uniform Fiduciaries LawJune 21, 2017 | Martha Charepoo
Martin Sigillito, the former St. Louis Attorney who was convicted in 2011 for his involvement in a $52 million Ponzi scheme, is 7 years into a 47-year federal sentence, but the Eight Circuit for a second time just decided that many of his investors cannot recoup their losses from a bank where Sigillito kept the accounts he used to defraud them. In Roseman v. St. Louis Bank, 2017 U.S. App. LEXIS 9075 (8th Cir. 2017), St. Louis Bank avoided liability for investors’ losses in the Ponzi scheme. The Eighth Circuit found that St. Louis Bank did not know the money moving through Sigillito’s accounts was being used by him to cover returns on earlier investments. Roseman followed on the heels of another Eighth Circuit case involving similar claims against PNC Bank for investors’ losses in the same Ponzi scheme which also ruled for the bank. Aguilar v. PNC Bank, N.A., 835 F.3d 390 (8th Cir. 2017).
In Roseman, investors sued St. Louis Bank where Sigillito held several commercial accounts from 2006 to 2011, claiming among other things that the bank violated Missouri’s Uniform Fiduciaries Law (“UFL”) because it knew Sigillito was breaching his fiduciary duties, acted in bad faith, and knew the schemer was benefiting himself with the funds. The accounts were business checking and “Interest on Lawyers Trust Account” (IOLTA) accounts that bore only the name of Sigilitto’s law firm or Sigilitto as an attorney.
A three-judge panel affirmed the Eastern District of Missouri’s grant of summary judgment in the bank’s favor, refusing to hold the bank liable for the Ponzi scheme’s victims’ claims, concluding that the investors failed to present evidence that the bank knew or had reason to even suspect that Sigillito was using investors’ funds for other purposes. In doing so, the Eight Circuit shunned the investors’ attempt to apply the UFL as a strict liability statute and instead followed its interpretation of a bank’s duties with respect to fiduciaries under the UFL in Aguilar which held that the statue requires actual knowledge of a fiduciary’s breach of its duties or knowledge of sufficient facts that constitute bad faith on the part of the fiduciary.
Quoting Aguilar, the court stated thatactual knowledge means “an awareness that, at the moment, the fiduciary was defrauding the principal.” To prove awareness, the investors had the burden of presenting “express factual information” that Sigillito was using the fiduciary funds for personal purposes. Several key facts lead the court to conclude that the investors’ evidence was insufficient to prove that the bank knew that Sigillito’s conduct constituted a breach of his fiduciary duty. None of the accounts referenced the British Lending Program (“BLP”), Sigilitto’s name for the investment program he claimed would facilitate loans to an English law firm to fund black lung claims by English coal miners. Also, the bank employee who worked with Sigillito and his assistant on bank transactions knew nothing about the BLP. The court also noted that the multiple-source nature of an IOLTA account made it impossible for the bank to know the source of any single deposit. The court held that simply knowing that Sigilitto was moving large sums of money between his law firm’s accounts was not enough to trigger any duty on the bank’s part to investigate the transactions or suspect that Sigillito was misusing funds.
Nor did the court agree that the bank acted in bad faith despite overdraft activity on the IOLTA account. The court applied Aguilar’s test for bad faith, i.e. “whether it is commercially justifiable for the person accepting a negotiable instrument to disregard and refuse to learn facts readily available.” Per Aguilar, this requires the existence of facts and circumstances that are so obvious that remaining passive is bad faith. The court acknowledged that a bank’s tolerance of significant overdrafts or check kiting can constitute bad faith under the UFL, but only when the bank knows that the account is a fiduciary account containing the principal’s funds. The court explained that an IOLTA account is a fiduciary account but differs from a typical trust account because the funds it contains could be owed to the any of the beneficiaries involved, i.e. the attorney or unrelated third-parties. Thus, the court found that the activity patterns on the IOLTA account would not have caused the bank to know that Sigillito was misappropriating client funds. Moreover, the court believed that the existence of funds in other accounts to cover those overdrafts would have eased any potential concerns.
Thus, the Eighth Circuit once again upholds a very high standard for holding a bank liable for a Ponzi scheme or anyone else’s breach of fiduciary duty under the UFL.
Yesterday, the United States Supreme Court, in a unanimous decision, issued a ruling that resolves a circuit split as to whether or not the purchaser of a defaulted debt is a “debt collector” under the Fair Debt Collection Practices Act (the “FDCPA”). In the first Supreme Court opinion authored by Justice Neil Gorsuch, the Court held that Santander, the purchaser of a defaulted debt, was not a “debt collector” as defined by the Act.
The Supreme Court’s opinion focused on the plain language of the statute, which defines a debt collector as a person or entity who “regularly collects or attempts to collect, directly or indirectly, debts owed or due or asserted to be owed or due another.” 15 USC § 1692a(6). There has been a split among the circuits as to whether that definition is to be applied to a debt buyer who purchases accounts in default, and then collects on those accounts.
The rationale of the opinion was hinged on syntax and legislative intent, in large part. Plaintiff argued that “owed” was to be read as past-tense, meaning that the debt in question used to be owed to another party. But the Court rejected this argument and provided plaintiff a rather costly grammar lesson, reasoning that, had Congress intended for the term “owed” to be read in the past tense, it would have drafted the definition to read “were owed or are due another.” Rather, the Court held, the definition is to be interpreted to mean that a debt collector is someone who does not own the debt, but is collecting on behalf of a separate party who owns or originated the debt.
The Court further reasoned that, had Congress intended for the definition of a “debt collector” to include purchasers of debt, it would have included a distinction between an original creditor and a “current” creditor in the definition, as it had done throughout the Act in other sections.
The Henson outcome will certainly have a chilling effect on FDCPA litigation in many circuits, where successor owners of debt have been ordered to pay immeasurable damages in litigation for purported violations of the FDCPA. The opinion may be found in its entirety here.
In a transparently partisan vote today, the House passed the 2017 Financial CHOICE Act (commonly referred to as “CHOICE Act 2.0”), leaving the future of the bill to be determined by the Senate.
The first version of the anti-Dodd-Frank legislation was introduced by Rep. Jeb Hensarling of Texas in 2016, and it was touted as a bill that would provide relief to financial institutions that have been, as many assert, overburdened by the 2010 Dodd-Frank regulations. The CHOICE Act was then amended, ostensibly to soften some of the anti-regulation sentiment, before being submitted by Committee to the House for vote.
The Executive Summary of the CHOICE Act identifies several key goals of the proposed legislation:
- End bank bailouts, but make modifications to the Bankruptcy Code as an alternative
- Strengthen penalties for fraud and deception to hold Wall Street accountable
- Create more oversight of regulators and take power from Washington
- Create Advantages for Capital Election
- Provide regulatory relief for Main Street/smaller financial institutions
- Considerable reforms to the structure and power of the Consumer Financial Protection Bureau (the “CFPB”).
With respect to the CFPB, the constitutionality of which has already been challenged through the PHH Mortgage litigation (under review in the D.C. Circuit), the current structure would be modified to create more oversight and checks against the power of the Director, in addition to permitting the President to terminate the director at will.
Obtaining the required 60 votes from the Senate will be challenging, so Rep. Hensarling and other supporters of the bill have much work ahead to work across the party line if the CHOICE Act can cross the next threshold in order to be enacted.
The Republican-majority House vote in favor of CHOICE Act 2.0 today echoes the campaign sentiment of President Trump, who consistently promised to “dismantle” Dodd-Frank. BSCR’s Financial Services Law team will continue to monitor the progress of the bill and provide prompt updates as they are received.
Last month the Court of Appeals for the Western District of Missouri held that a Missouri Bank’s overdraft fee charged as part of its overdraft protection service (called “the Bounce program”) did not violate the state’s usury rate, thereby affirming the right of it and other banks to charge such fees in Missouri for debit/checking transactions.
A class action was filed against Hawthorn Bank alleging that its fee charged to customers for debit card overdrafts, which ranged from $25 to $30 per overdraft, was excessive and usurious. Plaintiffs’ counsel argued that the overdraft fees are, in essence, interest charged to the customer, and that they are therefore subject to Missouri’s usury limit.
Notably, the customers had the option to opt in or out of the overdraft protection service offered by Hawthorn Bank, and one of the named plaintiffs had even sought out a checking account with Hawthorn precisely because of its Bounce program. Both named plaintiffs understood that they could have the service cancelled at any time.
Hawthorn Bank argued, and the trial court agreed, that Mo. Rev. Stat. § 362.111, which permits banks and trust companies to assess fees and service charges against its customers, applied in that case. The Court of Appeals affirmed the lower court’s holding on the basis that § 362.111 exempts service charges and fees from the state’s usury laws. The Court also rejected the plaintiffs’ argument that the Bounce program created a binding loan contract permitting interest to be charged, as Hawthorn had expressly advised its customers that it would pay overdrafts at its discretion and could not guarantee that it would always authorize and pay the transactions.
The Court additionally found that the fees charged by Hawthorn Bank were reasonable as compared to those charged by other financial institutions within the state. The Court further recognized that the customers enrolled in the optional Bounce program were receiving substantial benefits from the service, such as coverage of overdrafts, providing notices to the customer, and providing customer service pertaining to the program, at the expense of the bank, thus justifying the fees being charged.
The Court of Appeals’ holding in Hawthorn provides reassurance to banks offering such overdraft protection services in Missouri, as the right to collect fees for those services has been upheld.
The opinion may be found here.
One of the more compelling, but sometimes unheeded, arguments against heavy banking regulations is the plight of the community bank. The expense and practicality of adhering to stringent reporting requirements, fee limits, and timelines place a heavier burden on small, local banks, particularly those in rural areas, than on large financial institutions. Accordingly, organizations for community banks and local credit unions have been created in order to give a voice to those smaller entities that are often overlooked in the course of financial regulation.
At a recent convention attended by nearly 3,000 community bankers, Camden R. Fine, the President and CEO of Independent Community Bankers of America (“ICBA”) called community banks to action in order to drive continued regulation reform for local banking communities. The ICBA intends, at an upcoming summit in Washington D.C., to address Congress in order to ensure that proposed regulatory relief legislation for community banks is signed into law.
In its “Plan for Prosperity” outlining the relief the ICBA will seek at the Summit, the ICBA proposes that the CFPB should be granted increased authority to exempt or tier regulatory requirements for community banks and to restructure the CFPB to create a diverse panel rather than a single decision-maker, which the ICBA hopes would increase the likelihood that at least one decision maker has a background in community bank lending practices.
The ICBA also seeks to eliminate the filing of capricious “disparate impact” fair lending lawsuits by requiring the petitioner to demonstrate discriminatory intent in order to succeed on a claim under the Equal Credit Opportunity Act and the Fair Housing Act. This change would ensure that lenders, particularly small, local lenders with limited pools of applicants, who apply uniform and neutral lending standards, are not subjected to frivolous or unfounded claims under those Acts.
Additional reforms proposed by the ICBA would impose a cost-benefit analysis for new regulations, raise the currency transaction report threshold under the Bank Secrecy Act, eliminate the small business data collection requirements under Dodd-Frank, and would reform the reporting requirements and closing processes for community banks and other small servicers.
By reforming and lessening regulation for smaller financial institutions, it is hoped that local lenders will thrive and compete with those servicers deemed “Too Big to Fail.”
“Make hay while the sun is shining.” The Consumer Financial Protection Bureau (the “CFPB”) is making its proverbial hay, after facing political attacks and constitutional challenges to its very structure, by bringing suit against Navient and two of its subsidiaries for an array of alleged failures in servicing of student loans.
In the Complaint, the CFPB states that Navient has failed to correctly allocate payments received to the customer’s account, particularly where that customer has multiple loans. The Bureau further alleges that representatives of Navient, rather than offering the student income-based repayment plan, often directed their customers to enter into forbearance periods, during which the interest capitalized, causing an increase in the principal balance of those loans. For those who did receive income-based payment plans, it is alleged that Navient failed to send appropriate notices detailing requirements and requests for information for borrowers to maintain the income-based payment plan, causing the monthly payment to increase by hundreds, if not thousands of dollars, and potentially disqualifying those borrowers from student loan forgiveness eligibility.
Navient is also alleged to have misreported the discharge of U.S. Armed Forces Service members’ loans by reporting that the military borrowers had been in default at the time of discharge when they had not been in default.
According to the Bureau, these, and other errors in servicing, put borrowers at a severe disadvantage in repaying their loans and maintaining good credit. “For years, Navient failed consumers who counted on the company to help give them a fair chance to pay back their student loans,” advised CFPB Director Richard Cordray. Director Cordray further stated that, over the course of servicing its loans, Navient “chose to shortcut and deeive consumers to save on operating costs. Too many borrowers paid more for their loans because Navient illegally cheated them and today’s action seeks to hold them accountable.”
This action has the potential to give a lasting impact on student loan servicing, as Navient is the nation’s largest student loan servicer, currently servicing more than $300 billion in both federal and private student loans. In a study conducted in 2016 by the CFPB, it was found that more than 8 million student loan borrowers are in default on at least one of their loans. Student loan servicers are reminded that the 2012 Mortgage Servicing Settlement, involving similar allegations with respect to errors in servicing against the 5 largest home loan servicers, paved the way for CFPB regulations that now impact nearly all home loan servicers.
BSCR will continue to monitor this action and will provide important updates as the case progresses.
The idea of an electronically executed mortgage is far from new; in fact, e-mortgages were being recorded as early as the year 2000. Yet, a number of issues with electronic loan documents have, ever since, hindered their more widespread implementation.
The Electronic Signatures in Global and National Commerce Act (“ESIGN”), enacted in 2000, states that a contract may not be denied legal effect solely on the basis that it is in electronic form. Similarly, the Uniform Electronic Transactions Act (“UETA”), adopted by 47 states, provides that a signature may not be denied enforceability merely because it is electronic. Home loan transactions, however, necessitate another consideration: electronic notarization.
Virginia, in 2012, was the first state to enact legislation permitting remote e-notarization through the use of webcam technology. In 2015, Montana passed a law permitted remote e-notarization in transactions where the signor is a legal Montana resident and the real property that is the subject of the transaction is located in Montana. To date, while another 19 states permit some form of e-notarization, only Virginia and Montana allow a mortgage to be executed electronically and notarized remotely by webcam.
Arguably, under the Full Faith and Credit Clause, since Virginia’s e-notary law does not impose a limitation with respect to the residency of the signor or the location of the real estate, a Virginia notary could witness the signature at a loan closing in another state and still have that recognized as a valid and enforceable contract. Even so, with the high degree of caution required for all aspects of loan origination, lenders and investors may determine that the risk involved with the transaction far outweighs any convenience or cost-cutting realized from remote closings.
Remote e-notarization would bring loan document execution up to speed with the convenience of shopping for mortgages in the comfort of one’s own home, but experts have debated the pros and cons of allowing these transactions to proceed with no face-to-face interaction. For instance, the risk of identity theft is a concern to some. However, remote e-notaries may use systems with knowledge-based authentication, or scan the signor’s license, in order to ensure there isn’t a forgery.
Another cause for concern is the potential for claims that loan documents were signed under duress, and were therefore invalid. Certainly, it would be difficult to prove whether or not there was duress when only a limited space is captured on webcam footage during the remote closing. Even so, the same type of hypothetical where a gun is pointed at the signor could occur in a face-to-face notarization. Because neither a traditional closing nor an electronic closing could prevent such scenarios from happening altogether, advocates of e-notarization argue that we should modernize our practices to conform to the technology we now have.
It may be that the most substantial inhibitor to mass implementation of e-mortgages is, simply put, fear of the unknown.
The Financial Crimes Enforcement Network (“FinCEN”) of the U.S. Department of Treasury issued Advisory No. FIN-2016-A005 on October 25, 2016, which provided guidance to financial institutions as to their obligations in the context of cyber-security. The content of the Advisory is discussed below.
Duty to Report Cyber-events through SARs
Under the Bank Secrecy Act, financial institutions are required to report suspicious activity through Suspicious Activity Reports (“SARs”). “Cyber-events,” defined as an attempt to compromise or gain unauthorized electronic access to electronic systems, services, resources, or information,” often target financial institutions and can serve as a means to commit crimes such as fraud or money laundering.
Whether the act is completed or merely attempted, a financial institution must report any activity that is deemed suspicious and involves more than $5,000.00 in funds or other assets. For instance, in a malware intrusion where the hacker gains access to a bank’s systems and information regarding customer accounts, the financial institution would be required to file an SAR, regardless of the fact that the hacker did not actually conduct any transaction with those funds. Similarly, if a data breach results in a cyber-criminal gaining access to retail customer information such as a PIN number, online credentials, or other sensitive information, even if that breach does not result in the transfer of funds, that breach could mandate BSA reporting.
While not intended to be an exhaustive list, these examples shed light on instances where, although no financial transaction was completed, the financial institution would be required to report the data breach through a SAR.
Relevant Cyber-Related Information to Include in Report
When a cyber-event triggers the reporting requirement, the financial institution must complete the form with all relevant information at its disposal. Thus, the report should include, if possible, the following:
- A description and the severity of the event
- The known or suspected time, location, and characteristics of the event
- Any indication of compromised data
- Relevant IP addresses and timestamps
- Device identifiers
- Description of method employed
- Any other information believed to be relevant
Working with Other Cybersecurity Organizations to Identify and Prevent Suspicious Activity
In its Advisory, FinCEN also recommends collaboration among financial institutions, BSA Anti-Money Laundering (“AML”) Units, and internal cybersecurity units to ensure the ability to conduct a comprehensive threat assessment and accurate reporting. Financial institutions are also encouraged to work with these entities to establish risk management strategies. BSA AML units may then use the information received from various sources to identify certain patterns and suspects that may not have otherwise been known. The Advisory calls for the financial institution to become an active participant in the prevention and enforcement of the BSA.
While a financial institution would be understandably reluctant to share certain cyber-related information with other institutions, the PATRIOT Act carves out a safe-harbor provision protecting the entity from liability for sharing information voluntarily for purposes of identifying and reporting potential threats of terrorism or money laundering.
FinCEN’s Advisory may be accessed here.
Financial institutions may submit their SAR through FinCEN’s e-filing system here.
Financial institutions and their compliance counsel across the nation waited with bated breath for the U.S. Court of Appeals in the D.C. Circuit to rule in PHH Corp. v. Cons. Fin. Protection Bureau, and the decision finally arrived in October. The D.C. Circuit vacated a June 2015 enforcement ruling from CFPB Director Richard Cordray, in which PHH was found to have violated RESPA Section 8(a) and was ordered to disgorge in excess of $109 million received in mortgage insurance premiums.
In its holding, the Court rejected Director Cordray’s ruling that certain fees received in exchange for services provided were wrongful under RESPA Section 8. Particularly, while Section 8(a) of the Act prohibits payments for referrals, or “kickbacks,” in real estate settlement services, the Court overturned Cordray’s order and found that the safe harbors and exceptions carved out in Section 8(c)(2) could apply, which permit “payment to any person of a bona fide salary or compensation or other payment for goods or facilities actually furnished or for services actually performed.” 12 U.S.C. § 2607(c)(2).
In its decision, the D.C. Circuit also expressly rejected Cordray’s ruling that RESPA’s 3-year statute of limitations does not apply in a CFPB administrative enforcement action, reasoning that if the intent of the legislature in the Dodd-Frank Act was to negate the statute of limitations in these proceedings, they would “expect Congress to actually say that there is no statute of limitations for CFPB administrative actions.” However, that language is absent in the Act, so the Court found the 3-year statute of limitations to be enforceable.
Perhaps of most interest to the public, though, was the Court’s holding that the current structure of the CFPB as an agency with a single director, who can only be terminated for cause, is unconstitutional. The language of the Court’s ruling throughout its Opinion regarding the unprecedented power of the CFPB director is telling; for instance:
“No head of either an executive agency or independent agency operates unilaterally without any check on his or her authority. Therefore, no independent agency exercising substantial executive authority has ever been headed by a single person.
The Court followed with its analysis and holding that, because of the substantial amount of unchecked power held by its Director, the CFPB, as it currently exists, is unconstitutional. While the Court did not agree with PHH’s argument that the CFPB should be dismantled entirely, it did remove the “for-cause” provision, thus allowing the President to terminate the director at-will.
While the decision rendered by the D.C. Circuit suggests that any enforcement orders from the CFPB have been rendered under an unconstitutional structure, because the holding is not binding on other Circuits, the question of its constitutionality will, inevitably, be heavily litigated in the months to come.
The decision issued by the D.C. Circuit, in its entirety, may be found here.
Beginning early on in the 2016 campaign season, President-elect Trump has expressed his contempt for modern banking regulations. In a May 2016 interview with Reuters, Trump stated that “Dodd-Frank has made it impossible for bankers to function.” He further reasoned that the legislation, which led to the creation of the Consumer Financial Protection Bureau (the “CFPB”), stunts lending and job creation and “has to stop.” When asked for more detail regarding any changes he wished to make, at that time, Trump indicated it would “be close to dismantling of Dodd-Frank” altogether.
Since the election, Trump has not wavered on this position, as expressed on his “transition” website:
“Following the financial crisis, Congress enacted the Dodd-Frank Act, a sprawling and complex piece of legislation that has unleashed hundreds of new rules and several new bureaucratic agencies. The proponents of Dodd-Frank promised that it would lift our economy. Yet now, six years later, the American people remain stuck in the slowest, weakest, most tepid recovery since the Great Depression. [ . . .] The Financial Services Policy Implementation Team will be working to dismantle the Dodd-Frank Act and replace it with new policies to encourage economic growth and job creation.”
Trump’s statements, along with the recent D.C. Circuit holding, suggest that the future of the CFPB is on the line. Because the U.S. District Court of Appeals for the D.C. Circuit held in PHH Corp. v. Cons. Fin. Protection Bureau that the CFPB Director may now be terminated at-will by the President, Trump’s election certainly has the potential to impact Director Cordray’s position in the Bureau.
In addition to these factors, Congressional Republicans have already stated their intention to overhaul Dodd-Frank and to change the structure of the CFPB. In June of 2016, Jeb Hensarling, the Republican chairman of the House Financial Services Committee, introduced the Financial Choice Act. The bill was approved by a House Committee in September of 2016. The Financial Choice Act would, among other things, replace the CFPB director with a bipartisan committee named “Consumer Financial Opportunity Commission.”
While the Financial Choice Act was denounced by Democrats and is not expected to pass in 2016, the Republican Party’s sweeping victory on election night, taken with the clear and unequivocal statements of Trump concerning Dodd-Frank and the CFPB, bode well for the future of this proposed legislation.
Amidst numerous other policy changes the future administration will endeavor to put into effect, only time will tell how extensive any changes to Dodd-Frank will be, and how much of a priority financial services reform will be in 2017. Servicers are cautioned to remain compliant with current regulations and to seek the advice of counsel and compliance professionals concerning any changes that may occur in the coming months.
About Financial Services Law Blog
The BSCR Financial Services Law Blog explores current events, litigation trends, regulations, and hot topics in the financial services industry. This blog will inform readers of issues affecting a wide range of financial services, including mortgage lending, auto finance, and credit card/retail transactions. Learn more about the editor, Megan Stumph, and our Financial Services practice.
The Financial Services Law Blog is made available by Baker Sterchi Cowden & Rice LLC for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. Your use of this blog site alone creates no attorney client relationship between you and the firm.
Do not include confidential information in comments or other feedback or messages related to the Financial Services Law Blog, as these are neither confidential nor secure methods of communicating with attorneys. The Financial Services Law Blog should not be used as a substitute for competent legal advice from a licensed professional attorney in your state.