Consumer Financial Services Watch

News and developments related to consumer financial services, litigation, and enforcement.

 

1
“True Lender” Litigation Heats Up: Small Business Sues Marketplace Lender and Partner Bank, Alleging Conspiracy to Evade Usury Laws
2
Treasury Reports Continue to Inform Dodd-Frank Reform Efforts
3
Senate Joins House in Resolution Overturning CFPB Arbitration Rule; President Trump Is Likely to Sign
4
The Screen Scrape Debate will not Abate
5
With Senate on the Sidelines So Far, Financial Services Trade Groups Launch Challenge to CFPB Arbitration Rule
6
Marketplace Lender Seeking Fair Lending Guidance Receives CFPB’s First No-Action Letter
7
Final 2017 TRID Rule Does Little To Ease Liability Concerns; Proposed Legislation Already In The Works To Address Shortcomings
8
Important Insurance Coverage Considerations for Losses Caused by Hurricane Harvey
9
Spokeo Redux: Ninth Circuit Holds That a Statutory Violation under FCRA May, without More, Establish a Concrete Injury for Purposes of Article III Standing
10
Into The Breach: D.C. Circuit Weighs in on Circuit Split Regarding Standing in Data Breach Class Actions

“True Lender” Litigation Heats Up: Small Business Sues Marketplace Lender and Partner Bank, Alleging Conspiracy to Evade Usury Laws

By David D. Christensen and Jennifer Janeira Nagle

Over the last several years, a number of U.S. state and federal government enforcement actions have challenged the viability of the bank partnership model that many marketplace lenders have used to fund consumer and small business loans. Specifically, regulators have argued that, in partnerships where the non-bank entity controls much of the funding process or the bank has little-to-no risk of loss, the non-bank entity is the “true lender.”

Read More

Treasury Reports Continue to Inform Dodd-Frank Reform Efforts

By Daniel F. C. Crowley, Bruce J. Heiman, William A. Kirk, Karishma Shah Page, Eric A. Love, Dean A. Brazier

On October 26, 2017, the U.S. Department of the Treasury (the “Treasury”) released a report entitled “A Financial System That Creates Economic Opportunities: Asset Management and Insurance,” the third in a series of reports that President Trump’s Executive Order 13772 on Core Principles for Regulating the U.S. Financial System (the “Core Principles”) requires Treasury to issue about potential ways to legislatively and administratively reform the U.S. financial system, consistent with the Core Principles. Earlier this month, Treasury released its second such report, which outlined recommendations concerning the capital markets. Treasury’s first report on banks and credit unions was released in June 2017 (See K&L Gates Alert: Dodd-Frank Reform; What Comes Next?), and one additional report is expected to be released in the near future. Treasury’s recommendations are likely to inform the efforts currently underway in Congress to advance financial regulatory reform legislation. This alert highlights a number of notable recommendations contained in the asset management and insurance report, as well as the capital markets report.

To read the full alert, click here.

Senate Joins House in Resolution Overturning CFPB Arbitration Rule; President Trump Is Likely to Sign

By Andrew C. Glass, Robert W. Sparkes III, Roger L. Smerage, Elma Delic

After weeks of speculation, the U.S. Senate voted on Tuesday night to join the House of Representatives in passing a Congressional Review Act (“CRA”) resolution to nullify the Consumer Financial Protection Bureau’s (“CFPB”) recent arbitration agreements rule. The Senate vote split 50-50, with two Republican senators—Senators Lindsey Graham (SC) and John Kennedy (LA)—voting against the resolution. The split vote set the stage for Vice President Mike Pence to cast the tie-breaking vote in favor of the resolution, which is now headed to President Trump’s desk for signature. In the hours after the vote, the President released a statement indicating his support for the resolution.

Read More

The Screen Scrape Debate will not Abate

By Judith E. Rinearson, Rizwan Qayyum

The debate surrounding “screen-scraping” continues as Member States of the European Union are preparing for the impending Second Payment Services Directive (“PSD2”). Screen scraping is the practice in which third-party Payment Initiation Service Providers (“PISPs”) and Account Information Service Providers (“AISPs”) are granted access to bank accounts of a client utilising their credentials to perform a service. As heralded in our discussion in July identifying the problem, the European Banking Authority (“EBA”) maintained their stance of outlawing the practice in the final draft Regulatory Technical Standards (“RTS”) on secure communication and Strong Customer Authentication (“SCA”). Consistent industry pressure has led the European Commission (“EC”) to request of the EBA to permit AISPs and PISPs to utilise screen scraping as a “fallback option”.

Read More

With Senate on the Sidelines So Far, Financial Services Trade Groups Launch Challenge to CFPB Arbitration Rule

By Andrew C. Glass, Robert W. Sparkes III, and Roger L. Smerage

More than two months after its promulgation, the fate of the Consumer Financial Protection Bureau (CFPB) arbitration agreements rule remains uncertain. The Senate may ultimately join the House and invoke the Congressional Review Act (CRA) to nullify the CFPB rule. But several financial services trade groups are not waiting to find out and have commenced their own legal challenge to the rule. On Friday, September 29, 2017, over a dozen such groups—led by the Chamber of Commerce of the United States of America—filed suit against the CFPB, and its director Richard Cordray, in U.S. District Court for the Northern District of Texas. See Complaint for Declaratory and Injunctive Relief, Chamber of Commerce of the United States of America, et al. v. Consumer Financial Protection Bureau, et al., No. 3:17-cv-02670-D (N.D. Tex. Sept. 29, 2017).

Read More

Marketplace Lender Seeking Fair Lending Guidance Receives CFPB’s First No-Action Letter

By David D. Christensen, Jennifer Janeira Nagle, and Brandon R. Dillman

The Consumer Financial Protection Bureau (“CFPB”) recently issued its first letter pursuant to a no-action letter policy launched in February 2016. The CFPB developed the policy to encourage innovation in the fintech marketplace by creating a testing ground for new technologies and consumer lending methods, particularly where the applicability or impact of existing regulations is uncertain. To take advantage of the policy, a company must submit an application describing the product, method, or service at issue and identify the specific rules and regulations for which the company seeks guidance. If the application is approved, a no-action letter is issued indicating that the CFPB “has no present intention to recommend initiation of an enforcement or supervisory action” against the applicant with respect to the specific product, method, or service and regulatory concerns covered by the company’s application.

Read More

Final 2017 TRID Rule Does Little To Ease Liability Concerns; Proposed Legislation Already In The Works To Address Shortcomings

By: Jennifer Janeira Nagle

Nearly two years after the TILA-RESPA Integrated Disclosure (“TRID”) rule went into effect (on October 3, 2015) and one year after the Consumer Financial Protection Bureau (“CFPB”) closed a comment period on a Notice of Proposed Rulemaking (“NPRM”) to adjust and clarify the rule, the CFPB’s modified TRID rule was published in the Federal Register on August 11, 2017 (the “2017 TRID Rule” or “2017 Rule”). An accompanying Detailed Summary of Changes and Clarifications was released on August 30, 2017.

Read More

Important Insurance Coverage Considerations for Losses Caused by Hurricane Harvey

By John R. Hardin

While the full extent of damages caused by Hurricane Harvey is unknown at present, the storm has already caused unprecedented damage in Texas. That damage arises in the midst of pending legislative change that may affect significantly losses governed by Texas law.

Specifically, for losses governed by Texas law, a recent change in Texas law thrusts an immediate decision upon policyholders. The Hailstorm Bill signed into law earlier this year and effective September 1, 2017, will thereafter apply to all first-party claims under a policy providing coverage for real property or improvements to real property that “arises from damages to or loss of covered property caused, wholly or partly, by forces of nature, including …a hurricane.”  While the Hailstorm Bill contains many substantive changes,[1] a notable change is the reduction in the 18% penalty under Chapter 542 of the Texas Insurance Code (the “Prompt Payment Statute”) if an insurer fails to timely pay a covered claim.  Any claim made before September 1, 2017, however, is governed by the current law, including the 18% penalty in the Prompt Payment Statute.  Thus, for claims governed by Texas law, policyholders must file a claim on or before Thursday, August 31, in order to benefit from the current 18% penalties (and other provisions) provided under pre-September 1, 2017 Texas law.

As policyholders begin to evaluate their losses, careful consideration will need to be given not only to direct damage or destruction of insured property, but also from the interruption of business resulting from that property damages, contingent business interruption caused by damage to the property of important suppliers, customers, and other business partners; extra expenses incurred to resume normal operations; lack of access to property due to damage to buildings, roads, docks, etc.; interrupted electric, gas, and water services; and other circumstances depending on the particular business involved.

Read More

Spokeo Redux: Ninth Circuit Holds That a Statutory Violation under FCRA May, without More, Establish a Concrete Injury for Purposes of Article III Standing

By: Andrew C. Glass, Gregory N. Blase, Roger L. Smerage, Hollee M. Watson

The Ninth Circuit has opined, again, on whether a statutory violation of the Fair Credit Reporting Act (“FCRA”), 15 U.S.C. §§ 1681, et seq.—by itself—constitutes a concrete injury for Article III standing purposes. Last year, in Spokeo, Inc. v. Robins, the United States Supreme Court vacated and remanded the Ninth Circuit’s original opinion on the issue. Although the Ninth Circuit had reviewed the plaintiff’s allegations for existence of a particularized injury, it had not separately analyzed whether they described a sufficiently concrete injury. In Spokeo, the Supreme Court ruled that “a bare procedural violation [of a federal statute], divorced from any concrete harm,” does not suffice to “satisfy the injury-in-fact requirement of Article III.” But the Court declined to define a “bare procedural violation” in favor of allowing the Ninth Circuit to first consider the question. Now that the Ninth Circuit has done so, the Supreme Court may take up the question once more.

To read the full alert, click here.

Into The Breach: D.C. Circuit Weighs in on Circuit Split Regarding Standing in Data Breach Class Actions

By Andrew C. Glass, David D. Christensen, and Matthew N. Lowe

The D.C. Circuit recently gave its opinion as to whether pleading an increased risk of future injury is sufficient to establish Article III standing to sue in a data breach class action filed in federal court. The issue has divided federal circuit courts of appeals.

In answering in the affirmative, the D.C. Circuit joined the view of the Sixth, Seventh, and Eleventh Circuits. Compare Attias v. CareFirst, Inc., — F.3d —-, No. 16-7108, 2017 WL 3254941 (D.C. Cir. Aug. 1, 2017), with Resnick v. AvMed, Inc., 693 F.3d 1317 (11th Cir. 2012); Galaria v. Nationwide Mut. Ins. Co., 663 Fed. Appx. 384 (6th Cir. 2016) (unpublished); Lewert v. P.F. Chang’s China Bistro, Inc., 819 F.3d 963 (7th Cir. 2016); and Remijas v. Neiman Marcus Grp., LLC, 794 F.3d 688 (7th Cir. 2015).  In Attias, the plaintiffs did not allege that they had suffered identity theft as the result of a hacking incident involving a system containing their data.  The defendant argued that the mere threat of future harm was too speculative to give rise to standing.  But the D.C. Circuit held that it was plausible that the unauthorized party had “the intent and the ability to use [the] data for ill” and thus that the plaintiffs had jurisdictional standing at least at the pleading stage. Id. at *1, *5-*6.  Notably, the standing issue arises under Fed. R. Civ. P. 12(b)(1) as an issue of subject matter jurisdiction. The D.C. Circuit did not otherwise decide whether the plaintiffs’ allegations stated a claim that could withstand a motion to dismiss under Fed. R. Civ. P. 12(b)(6), allowing the district court the opportunity to first review the question.

By contrast, the Second and Fourth Circuits have held that data breach plaintiffs lack standing where they plead nothing more than an increased risk of future injury. See Whalen v. Michaels Stores, Inc., — Fed. Appx. —-, No. 16-260, 2017 WL 1556116, at *1 (2d Cir. May 2, 2017) (unpublished); Beck v. McDonald, 848 F.3d 262 (4th Cir. 2017), cert. denied sub nom., Beck v. Shulkin, No. 16-1328, 2017 WL 1740442 (U.S. June 26, 2017).

Notwithstanding the circuit court split, the United States Supreme Court has yet to grant certiorari to review the issue. We will continue to monitor and report on developments in data breach standing law as they occur.

Copyright © 2023, K&L Gates LLP. All Rights Reserved.