CFPB Trends in Enforcement and Investigations · CFPB Trends in Enforcement and Investigations...
Transcript of CFPB Trends in Enforcement and Investigations · CFPB Trends in Enforcement and Investigations...
CFPB Trends in Enforcement and Investigations April 21, 2016
Reed Brodsky
Arthur Long
Alexander H. Southwell
Ryan Bergsieker
Mary Beth Maloney
<Presentation Title/Client Name>
MCLE Certificate Information
This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.5 credit hours, of which 1.5 credit hours may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.
Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.5 hours.
Gibson, Dunn & Crutcher LLP is authorized by the Solicitors Regulation Authority to provide in-house CPD training. This program is approved for CPD Credit in the amount of 1.5 hours. Regulated by the Solicitors Regulation Authority (Number 324652).
Application for approval is pending with the Illinois, Texas, Virginia and Washington State Bars.
Attorneys viewing the webcast as a group will need to sign an MCLE attendance form. Please contact Jeanine McKeown (National Training Administrator) at 213-229-7140 or [email protected] for the MCLE form.
Most participants should anticipate receiving their certificates of attendance via e-mail in approximately 4 weeks following the webcast.
Members of the Virginia Bar should anticipate receiving the applicable certification forms in approximately 6 to 8 weeks.
MCLE questions can be directed to Jeanine McKeown (National Training Administrator) at 213-
229-7140 or [email protected].
2
<Presentation Title/Client Name>
Presentation Overview
The Current Environment
Regulatory &
Enforcement Trends
Reputation and Litigation
Risks
Practical
Recommendations
3
<Presentation Title/Client Name>
5
CFPB’s Authority Under the Dodd-Frank Act
Publish consumer complaints
Investigate consumer complaints
Enforce compliance:
– Consumer protection under Dodd Frank
and CFPB rules;
– Enforcement of any federal consumer
financial law unless specifically
prohibited;
– Civil actions for violations
– Pursue civil penalties and equitable
relief
“The idea was to put a cop on the
beat, to enforce the laws on credit
cards, mortgages, student loans,
prepaid cards, and other kinds of
consumer financial products and
services. We're also here to be a
voice in Washington for you ... For
the first time in many years, we
have an opportunity to create a
brand new consumer agency from
the ground up.”
– Senator Elizabeth Warren
“Announcing ConsumerFinance.gov,” available at
https://www.whitehouse.gov/blog/2011/02/03/annou
ncing-consumerfinancegov (Feb. 3, 2011)
<Presentation Title/Client Name>
More Funding + More Personnel = More Power
6
CFPB, 2015 CFPB Strategic Plan, Budget, and Performance Plan and Report, at 14,
available at http://files.consumerfinance.gov/f/201502_cfpb_report_strategic-plan-budget-
and-performance-plan_FY2014-2016.pdf (2015).
<Presentation Title/Client Name>
More Funding + More Personnel = More Power
7
CFPB, 2015 CFPB Strategic Plan, Budget, and Performance Plan and Report, at 15,
available at http://files.consumerfinance.gov/f/201502_cfpb_report_strategic-plan-budget-
and-performance-plan_FY2014-2016.pdf (2015).
<Presentation Title/Client Name>
Cordray: Experience From All Sides
9
Education
− Michigan State University, BA (1981)
− Oxford University, MA (1983)
− University of Chicago Law School (1986)
− Supreme Court Clerk (Justice Kennedy, 1988)
Professional Experience
− Ohio State Representative (1990-1992)
− Ohio Solicitor General (1993-1995)
− Ohio Treasurer (2006-2008)
− Ohio Attorney General (elected 2008)
− Professor, Capital University Law School
− Of Counsel at law firm
5 time Jeopardy champion
CFPB Regulatory & Enforcement Trends
Expanding Regulation by Enforcement
Increasing Coordination Across Agencies
Escalating Penalties
Expanding “Regulation by Enforcement”
• It is “compliance malpractice” for
companies “not to take careful bearings from
the contents of these orders about how to
comply with the law and treat consumers
fairly.”
• Consent orders are “intended as guides to
all participants in the marketplace to avoid
similar violations and make an immediate
effort to correct any such improper practices.”
•CFPB Chairman Richard Cordray, Prepared Remarks to the Consumer Bankers Association (March 9, 2016)
12
Consumer Complaints Quadrupled in 5 years
CFPB Consumer Response Annual Report, available at http://files.consumerfinance.gov/f/201604_cfpb_consumer-
response-annual-report-2015.pdf (2016)
13
Complaints per
month
CFPB obtained 59
settlements in 2015,
compared with only 21
settlements in 2013.
Settlements Nearly Tripled in Past 5 years…
14
Yuka Hayashi, “Consumer Financial Protection Bureau Roughly Doubled Caseload in 2015,” Wall Street Journal,
http://www.wsj.com/articles/consumer-financial-protection-bureau-roughly-doubled-caseload-in-2015-1452551403
(Jan. 11, 2016).
Rapid Expansion in Types of Complaints: From Credit
Cards to Virtual Currency
15
CFPB Consumer Response Annual Report, available at http://files.consumerfinance.gov/f/201604_cfpb_consumer-
response-annual-report-2015.pdf (2016)
<Presentation Title/Client Name>
New Areas of Enforcement Follow Complaints
Credit Cards
Debt Collection
Mortgages
Student Loans
Payday Lending
Auto Lending
Credit Cards
Debt Collection
Mortgages
Credit Reporting
Telephone Billing
Student Loans
Payday Lending
Credit Cards
Debt Collection
Mortgages
Data Security
Credit Reporting
Telephone Billing
Student Loans
Payday Lending?
Auto Lending
Credit Cards?
Debt Collection
Mortgages?
2013 2014 2015 2016
(as of April) 16
<Presentation Title/Client Name>
“Unfair, deceptive, or abusive acts and practices” (“UDAAP”) Authority
Section 1031 of the Dodd-Frank Act empowers the CFPB to protect
consumers from “unfair, deceptive, or abusive acts and practices” in
connection with “any transaction… for a consumer financial product or
service, or the offering of a consumer financial product or service.”
Grants the CFPB extensive discretion and a powerful weapon in
enforcement cases.
The CFPB is also permitted to promulgate rules. It must consider the
potential costs and benefits to consumers, providers of consumer financial
products or services and the risk of potential reduction of consumer access
to financial products or services.
17
<Presentation Title/Client Name>
Deceptive Acts or Practices
(1) Misleads or is likely to mislead the consumer; (2) is material; and (3)
the consumer is reasonably misled under the circumstances.
Examples in 2015:
– Labeling a loan "no-interest" even though APR increased to 22.98% if
the balance was not paid before the end of the promotional period;
– Misrepresenting the payment and other material terms of mortgage
loans;
– Use of third party service that masked phone numbers to deceive car
barrowers to disclose their locations when a company sought to collect
their debts.
18
<Presentation Title/Client Name>
Unfair Acts or Practices
(1) Causes or is likely to cause substantial injury to consumers, (2) the
injury is not reasonably avoidable by consumers, and (3) the injury is not
outweighed by countervailing benefits to consumers or to competition.
Examples in 2015:
– a mortgage servicer that refused to honor in-process loan modifications
agreed to by servicers from whom it acquired the mortgage loans;
– a debt collector that made excessive collection calls at inconvenient
times; and
– companies’ use of a third-party payment processing system that
allowed for large numbers of improper charges to be imposed on
customers’ accounts.
19
<Presentation Title/Client Name>
Abusive Acts or Practices
(1) Materially interferes with the ability of a consumer to understand a consumer financial product or service, or
(2) Takes unreasonable advantage of:
(i) a consumer's lack of understanding of the material aspects of the product or service;
(ii) a consumer's inability to protect his or her interests; or
(iii) a consumer's reasonable reliance.
Examples in 2015:
– obscuring the true nature of a transaction as a usurious loan by calling the product a “pension buyout” or “money purchase pension plan”; and
– providing insufficient information to consumers about how their payments would be allocated among loan balances and allocating payments differently than requested by the consumer.
20
<Presentation Title/Client Name>
Lessons Learned in 2015
Expansive nature of UDAAP
– UDAAP used to bring penalties and fines against non-financial companies.
Certain acts and practices can fit more than one UDAAP category.
– In the case of an offshore unregistered payday lender, the lender’s practice of telling consumers they owed money on the loans was “deceptive” because the loans were void from inception for having been made without a license, but also “unfair” because consumers would not have knowledge of the state licensing laws, and “abusive” because the statements materially interfered with consumers' ability to understand the void nature of the loans.
CFPB will likely make use of its UDAAP authority to target a wide range industries—including data security.
21
<Presentation Title/Client Name>
Increasing Coordination Across Agencies Results In
Greater Enforcement Penalties
22
<Presentation Title/Client Name>
CFPB Has Expansive Authority to Coordinate with DOJ
The Dodd-Frank Act and federal fair lending laws authorize the CFPB and Department of Justice to take action against creditors engaging in allegedly illegal discrimination.
Beginning in 2013, CFPB and DOJ have collaborated on a string of enforcement actions.
Monetary penalties have been significant – as high as $225 million in at least one case.
Key industries targeted by the CFPB and DOJ include:
– Auto finance
– Mortgage lending
– Credit Card lending
<Presentation Title/Client Name>
CFPB and DOJ Coordination: Enforcement in Auto Finance
Fines and Restitution:
− Financial company/bank paid $80 million in damages to minority borrowers who paid
higher interest rates than white borrowers for their auto loans and $18 million in
penalties.
− Automobile manufacturer credit company paid $21.9 million in restitution to minority
borrowers who paid higher interest rates.
− Bank paid $18 million in restitution to consumers.
− Automobile manufacturer finance corporation paid $24 million in restitution.
Common Non-Monetary Penalties:
− Limits on interest rate discretion (caps as low as 1.25%)
− Payment to hire a settlement administrator to distribute restitution
− Implementation of a compliance monitoring program
<Presentation Title/Client Name>
CFPB and DOJ Coordination Enforcement in Mortgage Lending
Fines and Restitution:
− Bank paid $35 million in restitution to minorities who allegedly paid higher rates and fees because pricing scheme gave brokers discretion to set borrowers’ rates and fees.
− Bank paid $25 million in loan subsidies to qualified borrowers in communities where it allegedly had conducted unlawful redlining. Also paid $2.25 million in community programs and outreach, and a $5.5 million penalty.
− Mortgage originator paid $9 million in damages to minority borrowers allegedly charged more for loans.
Common Non-Monetary Orders:
− Pay to hire a settlement administrator to distribute restitution and damages
− Implement non-discretionary broker compensation policies and procedures
− Implement a compliance monitoring and training program
− Release a Consumer Advisory regarding settlement
− Open bank branches in neglected communities
− Conduct credit needs assessment of minority communities and expand lending operations
<Presentation Title/Client Name>
CFPB and DOJ Coordination:
Enforcement in Credit Card Lending
$225 Million in Relief
Fines and Restitution:
− Bank paid $225 million in relief and a $3.5 million penalty to borrowers
allegedly excluded from debt relief offers because of their national origin
and/or request to communicate in Spanish.
Common Non-Monetary Orders:
− Create consumer relief program
− Pay to hire a settlement administrator to distribute restitution and damages
− Notify credit reporting agencies to modify borrowers’ credit history
− Forgive debt of accounts that did not receive debt relief offers
− Subject to CFPB ongoing supervisory authority and examinations
<Presentation Title/Client Name>
CFPB’s Overlapping Mission & Jurisdiction with FTC
Federal Trade Commission Mission: “To prevent business practices that are
anticompetitive or deceptive or unfair to consumers; to enhance informed
consumer choice and public understanding of the competitive process; and to
accomplish this without unduly burdening legitimate business activity.”
FTC jurisdiction in the financial marketplace extends to financial products
and services offered or provided to consumers by persons other than banks,
thrifts, federal credit unions, and bona fide non-profit organizations
<Presentation Title/Client Name>
Authority for CFPB & FTC Coordination
Memorandum of Understanding
Authored 2012; reauthorized 2015
Key provisions:
− Coordinated Law Enforcement Activities
− Joint Training
− Notice of Commencement of an Investigation (5 days prior)
− Notice of Filing an Action or Commencing a Proceeding (10 days prior)
− Notice of Settling an Action or a Proceeding (10 days prior)
− Consultation on Rulemaking and Guidelines
− Information Sharing
− Cooperation Responding to Consumer Complaints
− Biannual Meetings on Operational Planning
Assigns liaisons to facilitate implementation: Director of the Bureau of Consumer
Protection at the FTC and the General Counsel at the CFPB (or their designees)
<Presentation Title/Client Name>
CFPB and FTC Coordination: Joint Enforcement Actions
In April 2015, the FTC and CFPB filed their first-ever joint law enforcement action, against a
mortgage servicing company for alleged violations of the FDCPA.
Complaint and Stipulated Order alleged the company failed to honor modifications for loans
transferred from other servicers, demanded payments before providing loss mitigation
options, delayed decisions on short sales, and harassed and threatened overdue borrowers.
The company must pay $48 million in restitution, and a $15 million civil penalty. In
addition, the Order requires the company, among other things, to:
− Convert in-process loan modifications into permanent modifications.
− Engage in outreach, including telephone and mail campaigns and translation services, to
contact borrowers and offer them loss mitigation options.
− Halt the foreclosure process on effected borrowers.
− Create a detailed data integrity program that tests, identifies, and corrects errors in loans
received.
− Honor loss mitigation agreements entered by the prior servicer.
<Presentation Title/Client Name>
CFPB, “You Have the Right to a Fair Financial Marketplace,” (Jul. 21, 2015), available at http://www.consumerfinance.gov/blog/you-
have-the-right-to-a-fair-financial-marketplace/.
31
The CFPB’s Big Boast: “$10.8 Billion in Relief”
<Presentation Title/Client Name>
Top CFPB Enforcement Actions: 2015
Amount (Restitution) Amount (Penalty) Company Area of Enforcement Date
$700M $35M Bank Credit Cards July 2015
$530M For-profit Education Student Financial Aid Oct. 2015
$50M $136M Bank Credit Card July 2015
$120M $38M Telecommunications Illegal Billing May 2015
$48M $15M Mortgage Servicing Mortgages April 2015
$42M $10M Financial Services Debt Collection Sept. 2015
$44.1M $4.25M Financial Services Debt Collection Sept. 2015
$33.4M $5M Financial Services Mortgages July 2015
$11.1M $24.6M Bank Mortgages Jan. 2015
$11.7M $10M Law Firm Foreclosure Relief May 2015
34
<Presentation Title/Client Name>
2015: Mortgage-Related Enforcement Actions
In 2015, the CFPB continued to pursue joint enforcement actions related to mortgages with both Federal and State regulators.
– In January 2015, the CFPB and the Maryland Attorney General filed a complaint alleging an illegal-marketing kickback scheme with a title company in violation of the Real Estate Settlement Procedures Act of 1974.
– In April 2015, the CFPB and Federal Trade Commission (FTC) took joint action alleging that a national mortgage servicing company, engaged in illegal practices when servicing mortgage loans by failing to honor loan modifications that customers had already entered, demanded payments before providing loss mitigation options, and used illegal practices like making false threats, harassing consumers by phone, and revealing debts to third parties in order to collect mortgage payments.
In addition, Loan Originator Compensation Rule violations continued to be an issue, as in June 2015, the CFPB filed a complaint for paying bonuses and higher commissions to loan originators as incentives for steering consumers into mortgages with higher interest rates.
35
<Presentation Title/Client Name>
2015: Credit Card and Debt Collection
From Penalties to Demand to
Overhaul Business Practices
− Aggressive actions for consumer redress for credit card add-on products/debt collection
− Significant penalties
− Overhaul of internal policies/procedures of the alleged violators
− CFPB has also sought to bar debt collectors from collecting certain debts
− Examining billing, marketing, and collection practices related to add-on credit monitoring and credit reporting services.
− Examining the maintenance and service of internal credit databases and the effect that failures related to these databases can have on consumers accounts.
36
“In four years, this is the
tenth action we’ve taken
against companies in this
space for deceiving
consumers. We will
remain on the lookout
for similar conduct and
will address it as we find
it.” -July 21, 2015
<Presentation Title/Client Name>
2015: Student Financial Services & Telecommunications Actions
In October 2015, a federal court entered a default judgment in favor of
the CFPB resolving a lawsuit in which the CFPB alleged that a for-
profit post-secondary education company used false job prospects and
career counseling to lure students into taking out high interest loans to
cover tuition costs.
Working with the FCC and certain state attorneys general, the CFPB
alleged that certain telecommunications companies “unfairly charged
[their] customers by creating a billing and payment processing system
that gave third parties virtually unfettered access across [their]
customers’ accounts.”
– When working with federal and/or state agencies, the CFPB has sought
consumer redress while allowing fines to be paid to federal agencies and
states.
37
<Presentation Title/Client Name>
“To date .... Our supervisory
actions have resulted in
financial institutions providing
more than $248 million in
redress to nearly 2 million
consumers. And as of this
month, we have handled over
700,000 complaints from
consumers addressing all
manner of financial products
and services.”
– Richard Cordray,
CFPB Director
(Sept. 29, 2015)
2016: Penalties Tripled Since 2013
<Presentation Title/Client Name>
2016: Enforcement Priorities …Old and New Targets
Firms operating in areas that have drawn CFPB attention to date – credit
cards, mortgage lending, payday lending, student lending, and debt
collection – should not expect a let up in 2016 as long as consumer
complaints related to these products continue.
The CFPB should be expected to continue to exercise jurisdiction over new
areas where there is consumer-facing activity, such as payment processing.
The CFPB’s reliance on UDAAP allows it to expand its authority both
beyond traditional consumer financial products and to conduct for which
there arguably has been no tangible harm.
40
<Presentation Title/Client Name>
2016: Enforcement Priorities
Amount Company Enforcement
Area
Date Nature of
the Case
$50,000 Student Lender Student Loans March 30, 2016 Consent
Order
$172,882,488 Financial Services Debt
Settlement
March 18, 2016 Litigated
$100,000 Payment Processing Data Security March 2, 2016 Consent
Order
$7,890,000 Bank Debt Collection February 23, 2016 Consent
Order
$21,900,000 Automotive Auto Lending February 2, 2016 Consent
Order
$700,000 Automotive Auto Lending January 21, 2016 Consent
Order
41
<Presentation Title/Client Name>
2016: Cybersecurity Is A New Target
Cybersecurity continues to dominate headlines
Significant breaches of customer data
Increasingly sophisticated attacks beyond the retail sector
42
- NBC News, 12/23/2015
Experian breach hit 15 million T-Mobile
customers - Reuters, 10/1/2015
Anthem warns customers regarding its
huge data breach - Los Angeles Times, 3/6/2015
Panama Papers comprise 11.5 million
leaked documents tied to world leaders - New York Times, 4/3/2016
Hackers claim cyber attack on New York
dam
<Presentation Title/Client Name>
Cybersecurity: An Administration Priority
43
• President Barack Obama: The “cyber threat is one of
the most serious economic and national security
challenges we face as a nation.” Remarks by the President on Securing
Our Nation’s Cyber Infrastructure, May 29, 2009.
• CFPB Director Richard Cordray: “Consumers entrust
. . . companies with significant amounts of sensitive
personal information . . . . It is crucial that companies
put systems in place to protect this information and
accurately inform consumers about their data security
practices.” CFPB Takes Action Against Dwolla for Misrepresenting Data Security
Practices, March 2, 2016.
• Former SEC Commissioner Luis Aguilar: “[B]oards
that choose to ignore, or minimize, the importantce of
cybersecurity oversight responsibility do so at their own
peril.” Boards of Directors, Corporate Governance and Cyber-Risks: Sharpening the
Focus, June 10, 2014.
<Presentation Title/Client Name>
CFPB’s: Cybersecurity Focus
Were consumers “deceived”?
– Is the company acting consistent with public representations?
– Are privacy policies and terms of use being followed?
Were consumers exposed to an “unfair” or “abusive” practice?
– “Unfairness” refers to harms consumers cannot reasonably protect
against.
– Among other things, “abusive” practices take unreasonable advantage
of a consumer’s reliance on a regulated entity to act in the consumer’s
best interests.
– Is the company failing to take “reasonable” steps to prevent/detect
breach?
44
No Action Letters: Proceed With Caution
On February 2, 2016 the CFPB adopted a No Action Letter policy for “innovative financial products and services.”
Under the policy, financial services firms are allowed to seek a No Action Letter from the CFPB to approve their security and consumer protection systems in instances “where there is substantial uncertainty whether or how specific provisions of statutes implemented or regulations issued by the Bureau would be applied.”
Whether to seek a No Action Letter is a significant decision that requires the careful weighing of risks and benefits.
– Unlike the SEC, the CFPB has no licensing authority
– Depending on the product, a NAL could send a positive signal to consumers
45
<Presentation Title/Client Name>
“Regulation by Enforcement”:
Recent Cybersecurity Action Companies
Should Heed
Dwolla represented to customers that transactions were “safe” and “secure,”
and that its data security practices “exceed[ed] industry standards” and were
PCI compliant.
The CFPB found Dwolla was not PCI compliant, did not “employ reasonable
and appropriate” data security measures, “did not encrypt all sensitive consumer
information in its possession at rest,” and failed to adopt “a written data-security
plan to govern the collection, maintenance, or storage” of personal information
until several years after its launch.
Conditions of the March 2016 settlement include:
(1) Conducting an annual data-security audit; (2) paying a civil money
penalty of $100,000; and (3) agreeing to ongoing reporting requirements.
46
<Presentation Title/Client Name>
Why Care About a $100,000 Enforcement Action?
The settlement marks the CFPB’s entry into cybersecurity enforcement.
The CFPB views its jurisdiction broadly, and is looking beyond traditional
industry players.
Consistent with its history of “Regulation by Enforcement,” the CFPB is not
afraid to go after small companies, extracting both financial penalties and
compliance remedies.
The CFPB’s enforcement action did not follow a data breach.
– This approach is similar to that of the FTC.
47
<Presentation Title/Client Name>
May 2012 to November 2014: Rulemaking
– Expansive Definition of Prepaid Cards: “A tool
for transferring funds between businesses and/or
people”
– June 2014: Begins Soliciting Consumer
Complaints
November 2015: CFPB Rulemaking Agenda
estimates final rule in March 2016
March 2016: Politico
reports delay in final rule to
May or June 2016
In the CFPB’s Crosshairs: Prepaid Cards
A rule to “close the loopholes in this market
and ensure prepaid consumers are protected
whether they are swiping a card, scanning
their smartphone, or sending a payment.”
– CFPB Director Richard Cordray, Nov. 14,
2014
<Presentation Title/Client Name>
March 2016: Monthly Complaint Report “Product
Spotlight”
“high-level snapshot of trends in consumer
complaints”
Complaints by Type:
Managing, opening, closing &
transaction issues
Complaints by State
“most complained about
companies”
In the CFPB’s Crosshairs: Prepaid Cards
<Presentation Title/Client Name>
August 2014: CFPB publishes “Risks to Consumers
Posed by Virtual Currencies”
August 2014: Begins Soliciting
Consumer Complaints
November 2014: Prepaid Card
Proposed Rule
As of December 2015: more than 5000
complaints related to “Virtual Currency
Products and Services”
In the CFPB’s Crosshairs: Virtual Currency & Mobile Wallets
“…the Bureau is aware of an
increasing number of
mobile financial products,
each with different
features, capabilities, and
consumer protections.
Determining how this
proposed rule might apply to
those products may be
difficult in light of the quick
evolution of these products
and their features....”
– CFPB Prepaid Accounts
Proposed Rule, Nov. 14,
2014
<Presentation Title/Client Name>
The Next Target: Online Advertising?
June 22, 2015: Letter to numerous search engines and social medial
companies
– “reminding” them to watch out for misleading student loan
advertisements;
– to “work closely” with federal and state agencies “to ensure
your search products are not being used by individuals and
companies seeking to prey on the most vulnerable student loan
borrowers”
– “By more closely monitoring advertising on key search terms
and helping to drive traffic toward unbiased sources of
information, your users will gain greater value from your search
products and scammers will be less likely to flourish.”
51
<Presentation Title/Client Name>
Arbitration Clauses In Peril: May Be
Deemed Harmful to Consumers
On October 7, 2015, the CFPB announced consideration of proposed
rulemaking:
– Prohibiting arbitration clauses in financial consumer contracts that
prevent group lawsuits; and
– Requiring companies to submit claims filed and awards issued in
arbitration, which may also be publicly disclosed.
The potential rulemaking follows the CFPB’s March 2015 Arbitration
Study that found arbitration clauses harm consumers by preventing group
arbitration or class action lawsuits, which are more lucrative than
individual arbitration or lawsuits.
Products and services affected include “credit cards, checking and deposit
accounts, certain auto loans, auto title loans, small dollar or payday loans,
private student loans, and installment loans.”
<Presentation Title/Client Name>
Proposed Arbitration Restrictions
CFPB highlighted three benefits to the potential rule:
– A “day in court” for consumers where individual harm is too small to
make litigation practical;
– Corporate deterrence by holding companies accountable; and
– Increased transparency in the individual arbitration process.
CFPB will submit the proposal to a Small Business Review Panel to
consider the impact on small businesses.
If it decides to proceed with the proposal, CFPB will issue a formal notice,
receive public comments, and issue a final rule.
Although we are not proposing to prohibit the
use of pre-dispute arbitration clauses, we will
continue to monitor the effects of such clauses
on the resolution of individual disputes.
– CFPB Director Richard Cordray
<Presentation Title/Client Name>
The Costs of Arbitration Clause Restrictions
Administrative costs to revise existing arbitration agreement language;
Additional potential liability and litigation costs due to class litigation
exposure;
Increased costs of compliance or other measures (e.g., insurance) to
reduce class litigation exposure; and
Costs of reporting to the CFPB claims filed and awards issued in
arbitration.
In a review of ~590 arbitration proceedings,
CFPB found that the average time to resolve a
dispute was two to eight months.
- CFPB, Arbitration Study (March 2015) at 72
<Presentation Title/Client Name>
When the CFPB Targets Your Company
Act Quickly—the CFPB Moves Quickly
Consider Regulatory Disclosures
Prepare a Press Plan
Anticipate Follow-On Litigation
56
<Presentation Title/Client Name>
CFPB’s Aggressive Timeline for Investigation: Significantly Faster Than SEC Subpoena Process
57
CFPB SEC
Source of Investigation Internal enforcement procedures
Referrals from other agencies
Whistleblowers
Congressional referral
Timeline Before Commencement
of Formal Investigation
Informal pre-investigation
process
Regulatory oversight that often
turns into an investigation
SEC usually begins with an
informal investigation
May request that company
voluntarily produce
information
Timeline from Commencement of
Investigation
Within 10 days: meet and
confer on production schedule
Within 20 days: opportunity to
petition Director to limit CID
Within 30-60 days: usual
timeline for production
Post-document production:
oral testimony
Post-Investigation fact finding:
Often, but not always, NORA
process
After formal investigation
commences: no required
timeline
Post investigation fact finding:
often, but not always, Wells
process
<Presentation Title/Client Name>
Scope and Outcome of CFPB Investigation: Similar to SEC
58
CFPB SEC
Subpoena Limits Scope: Can be issued to any person with relevant information,
including 3rd parties
Types of requests: May request production of documents, written
reports, answers to questions, oral testimony
Written Advocacy Before an
Enforcement Action
NORA (CFPB) and Wells (SEC) provide opportunity to submit
written advocacy
Possible Investigation Outcomes Termination of investigation
Settlement involving disgorgement, monetary penalties,
injunctive relief, public announcements
Federal suit
Venue of Enforcement/ Suit Federal court or administrative adjudication to federal appeal
Confidentiality Without a later finding of liability or settlement, investigation and
information gathered is nonpublic
<Presentation Title/Client Name>
CFPB Investigation: A Tougher Road to Settlement?
Wells NORA [Notice and Opportunity to
Respond]
Discretionary, but usually allowed absent
extraordinary circumstances if defense is
cooperative
Discretionary, but more likely to be denied
Flexible in time and length Strict time and length restrictions (14
days)
Opportunity to negotiate settlement Not an invitation to negotiate a settlement
59
Notice of enforcement action and opportunity to respond
Primary methods of presenting defense case to SEC commissioners
<Presentation Title/Client Name>
Consider Carefully When and How to Disclose a CFPB
Investigation
With no black or white rule for when a company must disclose a CFPB investigation, companies comply with federal securities laws. Disclosure practices have varied with companies choosing to disclose at various stages:
Receipt of a CID
– Consider reputational and collateral harms when disclosing.
Petition to Modify or Set Aside the CID
– Disclosure prudent in light of CFPB’s policy to publicly identify entities that file a petition to modify or set aside a CID.
Notice of Opportunity to Respond and Advise (NORA)
– In November 2011, CFPB announced its intention to provide advance notice of potential enforcement actions; the notice, however, is discretionary.
Enforcement Action or Legal Proceeding
60
<Presentation Title/Client Name>
The Continuing Investigation Disclosure: Example 1
Bankrate, Inc. 10-K (December 31, 2015) – Notice of Opportunity to Respond
& Advice
The Company and certain of its employees have received Civil Investigative
Demands (CIDs) from the CFPB to produce certain documents and answer
questions relating to the Company’s quality control process for its online
mortgage rate tables. The Company has cooperated in responding to the CIDs.
The Company received a communication from the CFPB inviting the Company
to respond to the CFPB’s identified issues in the form of a Notice of
Opportunity to Respond and Advise during which the CFPB identified
potential claims it might bring against the Company. The Company has
submitted a response that it believes addresses the CFPB’s issues with respect to
the Company’s online mortgage rate tables and its quality control processes. We
are unable to predict when the CFPB investigation will be completed or the final
outcome of the investigation, and cannot presently estimate the amount of loss, if
any, that would result from an adverse resolution of this matter.
61
<Presentation Title/Client Name>
The Continuing Investigation Disclosure: Example 2
The J.G. Wentworth Company 10-K (December 31, 2015) – Petition to Modify
or Set Aside the CID
We have, since March 2014, been served with three (3) Civil Investigative
Demands, or CIDs, from the CFPB relating to our structured settlement and
annuity payment purchasing activities. The CIDs have requested various
information and documents, including oral testimony, for the purpose of
determining our compliance with federal consumer financial laws. We have
provided documents and oral testimony relating to requests in the first two (2)
CIDs. In response to the third CID, we discussed the requests with the CFPB and
filed a petition to modify or set aside that particular CID. On February 11,
2016, the CFPB denied that request. We have since continued our dialogue
with the CFPB, and will work cooperatively with the CFPB to address its
continuing inquiry as appropriate.
62
<Presentation Title/Client Name>
When CFPB Has Commenced Litigation
American Public Education, Inc. 10-K (December 31, 2015) – Investigation of
Accrediting Agency
In August 2015, the CFPB issued a civil investigative demand, or CID, to
ACICS, the accrediting agency that accredits HCON [Subsidiary of APEI].
The CID required ACICS to provide documents and testimony, to identify all
schools it has accredited since January 1, 2010, and to identify the individuals
involved in ACICS’s reviews of certain schools, not publicly identified. In
September 2015, ACICS submitted a petition to the CFPB to set aside the
CID, arguing that ACICS is not under the CFPB’s jurisdiction. ACICS
argued that it does not provide any financial product or service nor does it assist
or support its accredited institutions in procuring and maintaining loans from ED.
In October 2015, the CFPB rejected ACICS’s petition and filed a petition to
enforce the CID in the United States District Court for the District of Columbia.
We are unable to predict the impact that the CFPB CID may have on
ACICS or its practices.
63
<Presentation Title/Client Name>
No Duty to Disclose Specific CFPB Investigation
Lubbers v. Flagstar Bancorp, Inc. (E.D. Mich., February 10, 2016):
Company had no duty to disclose that CFPB was specifically investigating
Flagstar for violations of consumer protection laws and regulations.
Disclosure was broad enough to put investors on notice that:
– Flagstar was subject to governmental agency investigations;
– There were ongoing investigations; and
– Flagstar was presently cooperating with such agencies.
Flagstar Bancorp, Inc. 10-Q 2013/2014 Disclosures: From time to time,
governmental agencies conduct investigations or examinations of various
mortgage related practices of the Bank. Ongoing investigations relate to whether
the Bank has properly complied with laws or regulations relating to mortgage
origination or mortgage servicing practices and to whether its practices with regard
to servicing residential first mortgage loans are adequate. The Bank is cooperating
with such agencies and providing information as requested.
64
<Presentation Title/Client Name>
Disclosing a CFPB Matter to the Press: The Perils of the CFPB Press Machine
Well-Funded
– From FY 2105t o FY 2017, CFPB’s External Affairs Department
Budget has increased by $1 million each year—from $7M to $9M
– 59 Full-Time Employees in 2017 (up from 39 in 2014)
Sophisticated: Traditional print media, social media, website
Aggressive: initial release, follow-on releases at each stage
Misleading: press releases
mischaracterize consent orders
65
“Your press office is much more aggressive
and inflammatory
than any other financial regulator…
midnight embargoes… misrepresent the
facts…over the top press releases …”
– Rep. Randy Hultgren (R-Il) questioning
Richard Cordray, September 2015 Hearing
<Presentation Title/Client Name>
Follow-On Litigation: From CFPB to Civil Liability
A CFPB Investigation is just the beginning.
Most Common Follow-on Suits
− Derivative Shareholder Litigation
− Class Action Suits
Follow-on consequences of CFPB investigation or settlement:
– Cost of litigation
– CFPB findings = breadcrumbs for plaintiffs’ attorneys
– More headlines!
66
<Presentation Title/Client Name>
Types of Claims Asserted
− Federal Statutory Claims
• Securities and Exchange Act
Violations
• Fair Debt Collection Practices
Act
• Racketeer Influenced and
Corrupt Organizations Act
• Truth in Lending Act
• Real Estate Settlement
Procedures Act
− State statutory and common law
claims
67
Follow-On Litigation: From CFPB to Civil Liability
Types of Relief Sought
−Certification of class action
−Actual and/or compensatory damages
−Treble damages under RICO
−Statutory damages under FDCPA
−Disgorgement of “ill-gotten gains”
−Preliminary and permanent
injunctions
−Restitution
−Plaintiffs costs and expenses,
including attorneys’ fees
<Presentation Title/Client Name>
Class Action Case Study
July 2013: CFPB files suit against a mortgage company regarding the
company’s loan officer compensation practices.
November 2013: Claims settled via Consent Order providing that
“[r]edress provided by the Company shall not limit consumers’ rights in
any way.”
July 2014: Putative class action filed against the mortgage company.
Complaint references CFPB Consent Order
– Alleges violations of TILA, RESPA, and CA/UT state law
Current Status: As of March 2016, Motion for Class Certification is
pending.
68
<Presentation Title/Client Name>
CFPB’s Move into Cyber-Security, Increases Likelihood of Privacy Class Actions
These cases generally do not involve a breach.
Rather, they focus on alleged “privacy” invasions, normally in connection
with the collection and use of personal information.
Plaintiffs’ class action firms see this as a growth area.
Lawsuits often come about after media reports of a practice, but plaintiffs’
firms increasingly use technical consultants to actively look for cases.
69
<Presentation Title/Client Name>
On June 19, 2015, PHH, Inc. filed a petition in the U.S. Court of Appeals
for the District of Columbia Circuit seeking review of a CFPB
administrative order imposing a $109 million sanction.
On April 12, 2016 the D.C. Circuit heard oral arguments from both parties
on the constitutionality of the CFPB directorship.
The panel: Judges Karen Henderson, Brett Kavanaugh, and Arthur
Raymond Randolph
Issues Raised During Oral Argument
– RESPA statute of limitations
– Precedent for a single headed agency
– Power to remove the CFPB director
– CFPB independent funding
– The appropriate remedy if the CFPB’s directorship structure is
unconstitutional 70
CFPB Authority Under Scrutiny
<Presentation Title/Client Name>
Political Climate Will Continue to Fuel CFPB
71
“I want to save the middle
class. . . . The hedge-fund
guys didn’t build this
country. These are guys
that shift paper around, and
they get lucky.”
“I went to Wall Street in
December of 2007. . . and
I basically said, ‘Cut it
out! Quit foreclosing on
homes! Quit engaging in
these kinds of speculative
behaviors.’”
“It is not Congress
that regulates Wall
Street; it’s Wall Street
that regulates
Congress.”
“Why would you then bail
out rich Wall Street banks
and not Mom and Pop?”
“I’ll tell you the
problem with Wall
Street: it is too much
about ‘I gotta make
money.’”
<Presentation Title/Client Name>
73
200 Park Avenue, New York, NY, 10166-0193
Tel: +1 212.351.5334
Reed Brodsky is a partner in Gibson, Dunn & Crutcher’s New York office. He is a nationally recognized trial lawyer and litigator best known for
his success as lead trial counsel in two of the most high-profile white collar criminal cases in recent memory, United States v. Raj Rajaratnam in
2011, and United States v. Rajat Gupta in 2012. Within the last year at Gibson Dunn, Mr. Brodsky was a lead trial attorney in two high-profile
complex commercial trials, representing Chevron Corporation in Chevron v. Donziger et al. in 2013 and AlixPartners in AlixPartners v. Thompson
et al. in 2014. Mr. Brodsky is a member of Gibson Dunn’s Crisis Management, Securities Enforcement, and White Collar Defense and
Investigations Groups.
Mr. Brodsky’s areas of practice include trial work, white collar crime, securities enforcement proceedings, corporate internal investigations,
compliance counseling and complex civil litigation. Mr. Brodsky has extensive experience representing institutions, hedge funds, issuers of
securities, board committees and individuals in connection with investigations, litigation and SEC enforcement proceedings under the federal
securities laws. Mr. Brodsky has counseled numerous hedge funds on securities trading and compliance matters.
Prior to joining Gibson Dunn, from 2004 to 2013, Mr. Brodsky served as an Assistant United States Attorney in the United States Attorney’s Office
for the Southern District of New York. During 6 of his eight years, Mr. Brodsky was a member of the Securities and Commodities Fraud Task
Force and investigated and prosecuted a wide range of fraud including insider trading, accounting fraud, investment adviser fraud, commodities
fraud, options backdating, market manipulation, broker bribery, hedge fund frauds, and Ponzi schemes; mail/wire fraud; money laundering; and
obstruction. From 1998 to 2004, Mr. Brodsky practiced as a litigator in the Washington, D.C. office of two major international law firms where he
specialized in corporate investigations, white collar defense and SEC enforcement matters.
Mr. Brodsky graduated in 1995 from Vanderbilt University School of Law where he was a member of the Honor Council and an editor of the
Vanderbilt Journal of International Law. He received his Bachelor of Arts magna cum laude from Duke University in 1991. After graduation, he
served as a law clerk for United States District Court Judge Hector M. Laffitte, in the District Court of Puerto Rico.
Mr. Brodsky is admitted to practice in the Southern District of New York and Eastern District of New York.
Reed Brodsky
<Presentation Title/Client Name>
74
200 Park Avenue, New York, NY, 10166-0193
Tel: +1 212.351.2426
Arthur S. Long is a partner in the New York office of Gibson, Dunn & Crutcher, where he is a Co-Chair of Gibson Dunn’s Financial Institutions
Practice Group and a member of the Securities Regulation Practice Group. Mr. Long focuses his practice on financial institutions regulation,
advising on the regulatory aspects of M&A transactions; bank regulatory compliance issues; Dodd-Frank issues, including the regulation of
systemically significant financial institutions (SIFIs) and related heightened capital and liquidity requirements; resolution planning; and Volcker
Rule issues with respect to bank proprietary trading and private equity and hedge fund operations. In addition, Mr. Long has significant experience
with bank securities offerings and issues particular to foreign banks operating or seeking to operate in the United States, and experience with
emerging legal issues in the area of virtual currencies.
Prior to joining Gibson Dunn, Mr. Long practiced with Davis Polk & Wardwell LLP for 16 years. During the Financial Crisis, he provided advice
in connection with The Federal Reserve Bank of New York’s emergency loan to American International Group, Inc.; Her Majesty’s Treasury’s plan
to provide support to the U.K. banking system, including obtaining relief from the U.S. Bank Holding Company Act for the U.K.-government
controlled company that was the majority shareholder of The Royal Bank of Scotland Group plc and Lloyds Banking Group plc; Morgan Stanley’s
becoming a bank holding company and conforming its global operations to the Bank Holding Company Act; and Citigroup’s proposed rescue of
Wachovia Corporation and FDIC assistance.
Mr. Long advised Banco Santander, S.A. in connection with its acquisition of Sovereign Bancorp, Inc., which resulted in protested applications to
the Federal Reserve Board, the Office of Thrift Supervision and the New York State Banking Department. He also advised one of the first-round
filing international banks on its resolution plan required by Section 165 of the Dodd-Frank Act.
Mr. Long served as law clerk to U.S. Supreme Court Justice Clarence Thomas from 1997 to 1998, and to Judge J. Michael Luttig of the U.S. Court
of Appeals, Fourth Circuit from 1993 to 1994. In 1993, he graduated magna cum laude from Harvard Law School, where he served as the Supreme
Court Editor for the Harvard Law Review. He received his A.B. magna cum laude from Harvard College in 1989.
Arthur S. Long
<Presentation Title/Client Name>
75
200 Park Avenue, New York, NY, 10166-0193
Tel: +1 212.351.3981
Alexander H. Southwell is a partner in Gibson, Dunn & Crutcher’s New York office. His practice focuses in two main areas: first, white-collar
criminal and regulatory enforcement defense, internal investigations, compliance monitoring, and complex civil litigation; and, second, information
technology-related investigations, counseling, and litigation. Mr. Southwell is Co-Chair of Gibson Dunn’s Privacy, Cybersecurity and Consumer
Protection Practice Group and is also a member of the Firm’s White Collar Defense and Investigations, Crisis Management, Securities
Enforcement, and Litigation Practice Groups. Prior to joining Gibson Dunn, Mr. Southwell served as an Assistant United States Attorney in the
United States Attorney’s Office for the Southern District of New York.
Mr. Southwell is an experienced trial and appellate attorney and regularly represents corporate executives and individuals in connection with white-
collar criminal investigations and prosecutions by federal and state prosecutors as well as related civil investigations by a wide range of
regulators. Mr. Southwell also regularly represents companies and boards in these types of matters and has significant experience in conducting
internal corporate investigations and compliance monitoring. Substantively, his areas of expertise include securities and accounting fraud,
economic sanctions violations, money laundering and Bank Secrecy Act violations, tax fraud, the False Claims Act and contracting fraud, health
care fraud and compliance, the Computer Fraud and Abuse Act, the Foreign Corrupt Practices Act, the Economic Espionage Act, and public
corruption, among others. Additionally, Mr. Southwell counsels a variety of clients on privacy, information technology, data breach, theft of trade
secrets and intellectual property, computer fraud, national security, and network and data security issues, including handling investigations,
enforcement defense, and litigation.
Mr. Southwell earned his undergraduate degree, magna cum laude, from Princeton University and his Juris Doctor, magna cum laude, from New
York University School of Law. Following law school, Mr. Southwell was a Law Clerk for the Honorable Naomi Reice Buchwald of the United
States District Court for the Southern District of New York.
Mr. Southwell also serves on Gibson Dunn’s Technology Committee, the Firmwide Diversity Committee and also is active with the Federal Bar
Council and the Association of the Bar of the City of New York, previously serving on the Association’s Professional Responsibility Committee,
Committee on Information Technology Law, and the Government Ethics Committee.
Alexander H. Southwell
<Presentation Title/Client Name>
76
1801 California Street, Suite 4200, Denver, CO 80202-2642
Tel: 303-298-5774
Ryan T. Bergsieker is of counsel in Gibson, Dunn & Crutcher’s Denver office. He is a former federal prosecutor and an experienced courtroom
advocate who has tried more than 45 civil and criminal cases to verdict. Mr. Bergsieker’s practice is focused in three areas: government
investigations, complex civil litigation, and information security/data privacy counseling and litigation. He helps companies and executives
navigate regulatory and criminal investigations, commercial disputes, and data breaches – both before and after the formal commencement of
litigation – and provides proactive counseling to help clients minimize the likelihood of such events. He has particular experience handling criminal
and civil False Claims Act matters and regulatory investigations regarding privacy, data security and other consumer protection issues. He has been
recognized as a Colorado “Rising Star”; a “Compleat Lawyer” who “excel[s] in the courtroom, in the boardroom, in client meetings and out in the
community”; and one of the top ten criminal defense attorneys in Colorado under the age of 40.
Before joining Gibson Dunn, Mr. Bergsieker served as an Assistant United States Attorney in the District of Colorado. He coordinated the
District’s computer hacking prosecutions, served as its subject matter expert on electronic surveillance law, and investigated and prosecuted a wide
range of crimes, including computer intrusions, denial of service attacks, theft of proprietary business information, identity theft, pharmaceutical
misbranding, wire fraud, mail fraud, and murder. In addition to trying cases before nearly every judge in the District, he led dozens of criminal
investigations and argued multiple appeals before the United States Court of Appeals for the Tenth Circuit. As a result of Mr. Bergsieker’s work,
the United States Attorney awarded him the District’s Distinguished Service Award and the U.S. Attorney’s Award of Excellence.
Drawing on his experience, Mr. Bergsieker has lectured extensively on cybercrime, electronic surveillance, and other cybersecurity and criminal
law topics. He serves on the Board of Directors of the Faculty of Federal Advocates.
Mr. Bergsieker graduated summa cum laude and Phi Beta Kappa from Princeton University with an A.B. from the Woodrow Wilson School of
Public and International Affairs. He received his J.D. from Yale Law School, where he served as Comments Editor of the Yale Law Journal and
was selected as a civil procedure teaching assistant. After graduating from law school, Mr. Bergsieker clerked for the Honorable David M. Ebel on
the United States Court of Appeals for the Tenth Circuit.
Ryan T. Bergsieker
<Presentation Title/Client Name>
77
200 Park Avenue, New York, NY, 10166-0193
Tel: +1 212.351.2315
Mary Beth Maloney is an associate in the New York office of Gibson, Dunn & Crutcher. She is a member of Gibson Dunn’s Litigation, Financial
Institutions, and Transnational Litigation Practice Groups. Ms. Maloney’s practice focuses on complex, high stakes trials. She also has significant
expertise and experience in representing financial institutions, corporations, and individuals in connection with international discovery
disputes. Her current high-profile representations include Royal Bank of Canada in a securities fraud case arising from the 2008 financial crisis,
and hedge fund manager, Mr. Louis Bacon, the founder of Moore Capital Management, in a New York State court action involving complex
international discovery. Ms. Maloney has litigated international discovery disputes and both defended and brought numerous 28 U.S.C. § 1782
actions (discovery for use in foreign proceedings). In addition, she advises financial institutions and corporations on continued developments in the
U.S. Consumer Financial Protection Bureau's (CFPB) enforcement efforts and helps compliance and cybersecurity professionals successfully
navigate this landscape.
From discovery through judgment, Ms. Maloney has been an essential member of the trial teams of Gibson Dunn’s most high profile and successful
representations, including representing Chevron Corporation in its successful RICO and fraud suit against the purveyors of a $9.2 billion
Ecuadorian judgment against the company—what the Wall Street Journal called the legal “fraud of the century,” Chevron Corp. v. Donziger et
al. As the most junior member of the Chevron trial team, she took the testimony of two expert witnesses before Judge Lewis B. Kaplan in the
Southern District of New York. The year before, Ms. Maloney was part of the trial team that represented François Pinault’s Artémis SA in a
victory recognized in 2012 as one of the Top Ten Defense Verdicts of the year by the California Daily Journal.
Prior to joining the firm, Ms. Maloney served as a law clerk to the Honorable Alicemarie H. Stotler, former Chief Judge of the United States
District Court for the Central District of California. She earned her Juris Doctor in 2007 from the University of Southern California Gould School
of Law, where she was Editor-in-Chief of the Southern California Interdisciplinary Law Journal. Maloney received her undergraduate degree,
magna cum laude, from Barnard College in 1998, where she was elected to Phi Beta Kappa. Ms. Maloney is also an active alumnae of Barnard
College and serves as her class Fund Chair.
Ms. Ms. Maloney is a member of the bars of New York and California.
Mary Beth Maloney