The New York Department of Financial Services released revised regulations implementing the Commercial Finance Disclosure Law. These regulations set forth the precise formatting and calculation methods providers must use to make commercial financing offers in amounts under $2.5 million. This version was released after 18 comments were submitted to the Department during the public comment period. The revised regulations propose several key changes and clarifications. Read More
Year: 2022
SMALL BANK PARTNERSHIPS WITH FINTECHS FACING INCREASED SCRUTINY
On August 29, 2022, Blue Ridge Bank (“Bank”), which has $2.8 billion in assets, entered into a formal written agreement with the Office of the Comptroller of the Currency (“OCC”) regarding the Bank’s oversight of its fintech partners. The OCC found unsafe and unsound practices relating to Bank oversight of third-party risk, Bank Secrecy Act/Anti-Money Laundering risk management, suspicious activity reporting and information technology control and risk
governance.
The OCC enforcement action agreement requires the Bank to take certain steps to improve third-party oversight and risk management, including the establishment of a majority-independent Compliance Committee, which must be approved by the Assistant Deputy Comptroller. Additionally, the Bank must adopt and implement a written program to assess and manage the risks posed by fintech partnerships, taking into consideration previous OCC guidance on community bank partnerships with fintechs. The Bank must also obtain OCC non-objection prior to onboarding new fintech partners or offering new products or services with existing fintech partners. Read More
ELEVENTH CIRCUIT AFTER REHEARING OVERRULES PRIOR HUNSTEIN CASE
The entire Eleventh Circuit Court of Appeals reheard Hunstein v. Preferred Collection and Management Services and reversed the previous panel holding. The entire Eleventh Circuit now holds (8 to 4) that plaintiff Hunstein failed to allege a concrete harm that would provide Article III standing to pursue his claims in federal court. Previously, a three-judge panel of the Eleventh Circuit previously found Hunstein had standing to sue, which spawned thousands of
copycat cases across the country. See our ALERT dated Nov. 18, 2021.
This case does not address the underlying substantive question of whether the use of a third party letter vendor violates the Fair Debt Collection Practices Act (“FDCPA”), however. The case only addresses whether Hunstein has standing to sue in federal court. The majority opinion takes care to state that its holding is that Hunstein himself did not have standing to sue because there was no public disclosure of his private debt information. The district court proceedings did not go beyond a motion to dismiss so the factual record is limited and the court’s discussion is limited solely to the issue of standing based on the pleadings. Read More
First CA Attorney General CCPA Enforcement Action
The California Attorney General Rob Bonta announced a settlement with Sephora, Inc. involving certain alleged California Consumer Privacy Act (“CCPA”) violations.
The complaint against Sephora alleged that Sephora did not properly process certain consumer opt out requests, did not disclose to consumers that their personal information was being sold and failed to clearly and conspicuously post a “Do Not Sell My Personal Information” link in violation of the CCPA.
According to the complaint, Sephora also allegedly allowed third parties tracking software to create profiles on their customers in violation of the CCPA through the collection of the brand of customers’ computers, what customers placed in their “shopping cart” and even customers’ precise locations, among other information.
Under the settlement, Sephora is required to provide notice to consumers of the sale of their personal information and to process certain consumer opt out requests. Sephora has 180 days from the effective date of the settlement to comply with its terms and must enact a program to assess and monitor the effectiveness of certain required remedial measures. Sephora is also subject to a monetary penalty of $1.2 million. Read More
CFPB: Certain Digital Marketers Are Subject To UDAAP
Recently the CFPB released an interpretative rule providing that certain digital marketers may be considered “service providers” under the Consumer Financial Protection Act (“CFPA”) and thus subject to the CFPA’s prohibition on unfair, deceptive or abusive acts or practices (“UDAAP”). The CFPA is applicable to service providers who provide a material service to “covered persons” under the CFPA.
In the interpretative rule, the CFPB determined that digital marketers engage in a material service when they assist in developing content strategies through identifying and selecting prospective customers or assisting in selecting or placing content to influence customer engagement. The CFPB also noted that digital marketers also may provide a material service when they identify customers and attempt to acquire those customers because it is a significant component of offering a consumer financial product.
Digital marketers may be excluded from the definition of a service provider under CFPA’s time or space exception. Read More
FTC Enforcement Action Alleges Merchants Are Consumers
Last month, the Federal Trade Commission filed a complaint and executed a stipulated order against First American Payment Systems and two companies that market First American’s payment processing services. The FTC alleged that First American and its marketers violated the Federal Trade Commission Act (“FTCA”) and the Restore Online Shoppers’ Confidence Act (“ROSCA”).
First American provides payment processing services to small businesses and sole proprietors to allow them to take credit and debit cards. The FTC alleged that First American tricked its merchants by (i) failing to disclose that First American’s services would automatically renew unless terminated, (ii) failing to disclose the services have an early termination fee and (iii) improperly debiting merchants’ bank accounts.
While the FTCA broadly regulates all commerce, the ROSCA prohibits certain sales practices for selling of goods or services to “consumers” over the internet. That the FTC alleged a violation of ROSCA’s consumer protections in regard to business-to-business transactions shows the FTC’s willingness to broaden the scope of consumer protection statutes. Read More
FDIC Issues Guidance Regarding Multiple Re-Presentment NSF Fees
On August 18, 2022, the FDIC issued guidance for financial institutions regarding the practice of charging multiple re-presentment NSF fees. According to the FDIC, through compliance examinations, the FDIC identified violations of law when financial institutions charged multiple NSF fees for the re-presentment of unpaid transactions. The FDIC stated in the guidance that disclosures given to consumers did not fully and clearly disclose multiple representment NSF fee policies. Specifically, financial institutions failed to sufficiently explain how an item being presented more than once could result in multiple NSF fees.
The FDIC’s guidance notes that practices involving the charging of multiple NSF fees arising from the same unpaid transaction results in heightened risks of violations of Section 5 of the Federal Trade Commission Act, which prohibits unfair or deceptive acts or practices (UDAP). Not clearly and conspicuously disclosing material information to consumers about re-presentment practices could be considered misleading or deceptive under UDAP. Read More
U.S. Privacy Legislation Referred To House Floor
On July 20, 2022, an amended version of the American Data Privacy and Protection Act (“ADPPA”) was passed out of the House Committee on Energy & Commerce by a 53-2 vote.
Some of the major changes made by the Committee since the ADPPA was introduced include specifically granting authority to the California Privacy Protection Agency to enforce the ADPPA in California, shortening the private right of action grace period to 2 years from 4 years and expanding the definition of sensitive covered data to include race, color, ethnicity, religion, union membership and internet browsing history over time and across third party websites, among others.
While this is a positive development in the direction of the ADPPA becoming law, the ADPPA will likely undergo many changes before it is passed out of the House. We will continue to provide updates periodically. Read More
CA-DFPI Invites Comments On Debt Collection Requirements
The California Department of Financial Protection (“DFPI”) and Innovation has released a draft text of new rulemaking regarding the scope, reporting and record retention requirements of the Debt Collection Licensing Act (“DCLA”). The proposed rulemaking would exempt from licensure: (i) original creditors who meet certain criteria; (ii) servicers of current debts on behalf of original creditors; (iii) certain healthcare providers, healthcare facilities and hospitals; (iv) student loan servicers; (v) employees of DCLA-licensed debt collectors; (vi) government entities; and (vii) certain public utilities.
The most notable change is the proposed exemption for “original creditors.” Under the proposed rulemaking, a creditor seeking, in its own name, repayment of consumer debt arising from credit, which the creditor extended, is not engaged in the business of debt collection unless.CFPB Issues Advisory Opinion On Debt Collection Convenience Fees
The Consumer Financial Protection Bureau has issued an advisory opinion interpreting the federal Fair Debt Collection Practices Act to prohibit a debt collector from charging a convenience fee to consumers unless either the agreement creating the debt or applicable law expressly authorize the fee. The advisory opinion interprets 15 U.S.C. § 1692f(1)’s prohibition on collecting “any amount (including any interest, fee, charge or expense incidental to the principal obligation) unless such amount is expressly authorize by the agreement creating the debt or permitted by law.” The CFPB now interprets the provision to prohibit “any amount collected . . . including, but not limited to, any interest, fee charge or expense that is incidental to the principal obligation.” The CFPB also interprets the phrase “permitted by law” to mean “expressly permitted by law.” To the CFPB, for a debt collector to collect a fee, that fee must be either (i) expressly permitted in the underlying agreement for the debt (and the fee is not prohibited by other law) or (ii) expressly authorized by a statute or regulation. The CFPB uses this interpretation to prohibit collectors from charging a fee to make debt collection payments through a particular channel—commonly referred to as “convenience fees” or “pay to pay fees”—unless the fee fits into either option (i) or (ii) above. Read More