Financial Services Law

Bank Pays $16M to Settle FDIC Charges Over Credit Card Add-On Products

The Federal Deposit Insurance Corporation (FDIC) reached a $16 million deal with a Utah bank recently, settling charges that the financial institution engaged in unfair and deceptive acts and practices.

Merrick Bank violated Section 5 of the Federal Trade Commission (FTC) Act in the marketing and servicing of its credit card add-on products, the regulator alleged. From 2008 to 2013, the bank touted its “PAYS Plan” as a payment protection card add-on product that provided a benefit payment toward a customer’s monthly credit card payment when triggered by life events such as involuntary unemployment, disability or hospitalization.

But the FDIC said the bank misrepresented that the payments would be made automatically, would protect the customer’s credit rating, and would equal the customer’s minimum payment due. Permanently disabled customers were also required to recertify their disabled status every month.

Further, the bank failed to disclose material conditions and restrictions to the PAYS Plan as well as the terms and conditions for accessing the hospitalization benefit, all in violation of federal law, according to the FDIC.

Pursuant to the settlement, the bank, without admitting or denying any charges of violations of law or regulation, will pay the U.S. Treasury a $1.1 million civil money penalty and provide $15 million for customer restitution. Merrick also agreed to amend and correct all negative incident reports made to consumer reporting agencies with regard to PAYS Plan customers consistent with the Fair Credit Reporting Act.

In addition, the consent order requires Merrick to comply with all applicable consumer protection laws going forward, including the FTC Act. To effectuate that requirement, the order specifies that the bank’s Board of Directors has 90 days to review, revise, develop, and/or implement a risk-based compliance management system to ensure compliance with all consumer protection laws, featuring comprehensive written policies and procedures and an effective training program.

To read the consent order in In the Matter of Merrick Bank, click here.

Why it matters: Credit card add-on products are on the radar for banking regulators, from a record-setting $772 million settlement between Bank of America and the Consumer Financial Protection Bureau to lawsuits filed by state Attorneys General to the instant $16 million action brought by the FDIC. Banks should continue to be diligent with respect to compliance with relevant regulations and statutes to avoid facing similar liability to the tune of tens of millions of dollars.

back to top

CFPB Takes First Action Enforcing New Mortgage Servicing Rules

In its first action alleging violations of the new mortgage servicing rules, the Consumer Financial Protection Bureau (CFPB) ordered Flagstar Bank to pay a $10 million fine and provide $27.5 million to customers.

According to the Bureau, the Michigan-based bank failed borrowers “at every step in the foreclosure relief process” both before and after the new mortgage servicing rules took effect on January 10, 2014.

Flagstar took an excessive amount of time to process applications for foreclosure relief, wrongfully denied applications for unspecified reasons, and delayed finalizing permanent loan modifications, the CFPB said. Other rule violations included “routinely” miscalculating borrowers’ income, resulting in wrongful denial of loan modifications, and the failure to inform customers about incomplete applications.

The errors occurred over a three-year period beginning in 2011, when Flagstar failed to devote sufficient resources to administration of the bank’s loss mitigation programs for distressed homeowners, the Bureau said. In 2011, the bank assigned 25 full-time employees and a third-party-review vendor to handle 13,000 active applications, leading to serious delays, the CFPB said.

In some instances, it took nine months to review a single application, the average call wait time for Flagstar’s loss mitigation call center was 25 minutes, and the bank closed applications to move its backlog, even though the application documents had expired because of Flagstar’s delay, the Bureau alleged.

Although the bulk of Flagstar’s practices occurred prior to January 2014, the bank continued to commit violations after that date, the CFPB said.

Approximately 6,500 customers will receive payments from the $27.5 million, although the bulk of the total – at least $20 million – will go to the estimated 2,000 customers who were foreclosed upon. The CFPB noted that its settlement with Flagstar does not prevent borrowers from bringing their own civil actions.

Flagstar must end its mortgage servicing violations and is prohibited from future violations of the CFPB’s mortgage servicing rules. The bank is also prohibited from acquiring servicing rights for defaulted loan portfolios until it can demonstrate it has the ability to comply with applicable laws protecting consumers during the loss mitigation process.

In addition, the Bureau required Flagstar to engage in outreach efforts to borrowers who were not foreclosed upon, offering them loss mitigation options. During the outreach and qualification process, Flagstar must halt the foreclosure process against such borrowers.

To read the consent order in In the Matter of Flagstar Bank, click here.

Why it matters: The Bureau came out swinging in its first enforcement action in the mortgage servicing space, with Flagstar facing almost $40 million in liability and a ban on acquiring servicing rights for certain loan portfolios. “The Bureau has been clear that mortgage services must follow our new servicing rules and treat homeowners fairly,” CFPB Director Richard Cordray said on a press call about the case. “Today’s action signals a new era of enforcement to protect consumers against the cost of servicer runarounds. The financial crisis is still fresh in our minds and too many homeowners continue to feel its effects. We need all mortgage servicers to understand that they must step up and follow the law.” Importantly, the Flagstar action included years of bank activity prior to the effective date of the new rules, which the agency included under the scope of its powers to regulate unfair and deceptive acts and practices. Servicers should ensure compliance with the mortgage servicing rules as the CFPB is prepared to take a strict enforcement stance that includes consideration of activity prior to the enforcement date.

back to top

Hungry? Fed Says “Menu of Options” Necessary for Recovery Planning

The Federal Reserve Board released supervisory expectations for recovery planning governing the largest United States bank holding companies in a new supervisory letter.

Spurred by the failure of many large financial institutions to have adequate plans in place to rapidly respond to severe stress at the onset of the recent financial crisis, the Fed released SR 14-8, instructing the eight domestic bank holding companies designated as posing an elevated risk to U.S. financial stability to develop “a menu of options” to remedy financial weakness and maintain market confidence without extraordinary government support.

The letter supplements prior guidance from the Fed found in SR 12/17/CA 12/14.

The recovery process begins when a firm “is experiencing or is likely to encounter considerable financial distress but could reasonably return to a position of financial strength if appropriate actions are taken in a timely manner,” working closely with relevant supervisors, the Fed explained. “A firm in recovery has not yet deteriorated to the point where resolution proceedings or bankruptcy are imminent.”

Options for consideration should include the possible sale, transfer, or disposal of significant assets, portfolios, legal entities, or business lines. Recovery options should be actionable and executable within a reasonable period of time, the Fed added, and should consider possible impediments to execution or potential mitigation strategies, such as legal and regulatory preconditions, interconnectivity among the firm’s operations, tax consequences, and market conditions.

The plan itself must cover four elements: internal governance (a description of how the plan was developed, approved, and updated, with descriptions of the triggering events for the recovery process); recovery options (detailing the choices included in the plan to remedy financial weakness and maintain market confidence, such as sales or transfers); execution plan (featuring the steps necessary to execute each option listed on the plan with estimated time frames for implementation and a plan describing the methods and forms of communication with various stakeholders); and impact assessment (a holistic consideration and description of the expected impact for each recovery option, including financial, business, and critical operation).

Senior management must be responsible for the integration of recovery planning into the operating process (just like contingency, strategic, and resolution planning), the Fed said, with oversight provided by the Board of Directors.

On at least an annual basis, the bank should test the effectiveness of its recovery options, subject to a range of internal and external stresses, considering the potential consequences for U.S. financial stability of executing each option, such as the impact on creditors, clients, and depositors.

How will a bank know if its plan is working? “At a minimum, the firm’s internal governance should lead to a response from the firm prior to the imposition of remedial actions by the Federal Reserve or other responsible supervisors,” according to SR 14-8. “A firm should aim to have the ability to take timely action to address signs of weakness or risk before the onset of significant financial deterioration.”

To read SR 14-8, click here.

Why it matters: The Fed has identified recovery planning as central to ensuring the ongoing resiliency of a firm’s consolidated operations and has made it a core area of supervisory focus for achieving the objectives of the supervision framework for large institutions. Regulatory guidance intended to respond to risks posed by the business models of the largest globally active financial institutions has often created spillovers for smaller financial institutions. By keeping abreast of the Fed’s activities with respect to recovery planning for the country’s largest financial institutions, smaller financial institutions will be better prepared as the impact of the Fed’s activities trickles down to them.

back to top

CFPB to Banks, Credit Unions: Don’t Use Credit Reports to “Blacklist” Consumers

Are banks and credit unions overusing credit reports to blacklist consumers from engaging in banking activities?

Speaking at the Consumer Financial Protection Bureau’s (CFPB) Forum on Access to Checking Accounts, Director Richard Cordray expressed concern that the answer might be “yes.”

While considerations such as the ability to repay a loan or a history of overdrafts are relevant to the industry, Cordray said such information may be “overused” and the Bureau finds it “troubling that banks or credit unions may use a credit report to exclude some consumers” from basic financial services, such as opening a checking account.

Checking accounts are one of the most widely used financial products, with 200 million Americans receiving their wages and paying their bills using their accounts. Consumers who open a new account are screened for various risks, Cordray explained, such as fraudulent or illegal conduct (such as money laundering) as well as credit risks, typically used to gauge how likely a consumer will incur overdrafts and pay them back.

Credit reporting agencies and specialty consumer reporting agencies – with data on a consumer’s history with regard to medical payments, tenancy, employment, or insurance claims – can “greatly affect how consumers are treated,” Cordray said, causing the CFPB concern in three areas: the accuracy of the reports, consumers’ ability to access the reports and dispute any incorrect information, and the ways the reports are being used.

Specialty consumer reporting agencies, in particular, generate reports focused on “derogatory” customer information, such as charged-off amounts, past nonsufficient funds, overdrafts, involuntary account closures, and unpaid or outstanding bounced checks.

Cordray queried the accuracy of such reports, with broad variations between how items are reported. For example, “we believe the definitions used to report an involuntary account closure may vary industry-wide on some central points, such as how long a negative balance may go unpaid before it is charged off and the account is closed and reported to the consumer reporting agency,” ranging from 30 days to 120 days.

Other variations exist on how frequently reports are updated and whether principal and fees are separated when overdue debts are reported. Such variations can have a negative impact on consumers, Cordray said, and the Bureau is interested in “whether better data might enable a financial institution to make more nuanced decisions in account screening rather than simply reaching a binary ‘yes or no’ result,” which could yield greater access to the banking system.

A second area of concern for the CFPB: consumer access to their reports, whether they are able to get inaccuracies fixed, and consumer awareness of how the screening system affects their ability to access a checking account. “A financial institution’s qualification process is likely quite opaque,” Cordray told attendees. “At the Consumer Bureau, we believe it is important for consumers to know why they are turned away.”

Finally, the Director addressed worries about how the reports are being used. Most consumers do not use checking accounts as credit vehicles but products for depositing and transferring funds. “So it is troubling then that banks or credit unions may use a credit report to exclude some consumers from these basic financial services,” shunting them into more expensive alternative financial options, such as check cashing and money orders, or joining the ranks of the unbanked, he said.

Asking questions such as “How can the screening process be improved to identify consumers who could or should be given second chances at checking accounts?” and “Can checking account products be made available to consumers more broadly that minimize risk, thus making screening less important?” Cordray said the Bureau envisions “a process that better understands consumers’ needs and can provide an account that is appropriate to their personal circumstances.”

“We are seeking, in particular, to explore ways that account screening can move beyond the use of specialized consumer reports as crude ‘black lists’ where consumers are turned down for an account simply because their name appears on the list,” he said.

To read Director Cordray’s prepared remarks, click here.

Why it matters: Cordray closed his remarks with a reminder that the CFPB has the authority to supervise the larger depository institutions and consumer reporting agencies for compliance with federal consumer protection laws, adding that the Bureau has issued a warning to specialty reporting companies to provide consumers with access to their reports. “We will continue to research and monitor this market carefully,” he warned. “The information used to determine [consumers’] eligibility for an account needs to be accurate so that the account screening process does not unfairly restrict their access to the banking system. We need to move from screening processes designed to make banks safe from consumers to ones designed to make them safe for consumers.” Banks and credit unions should expect that Director Cordray’s remarks will result in increased attention from examiners regarding their use of consumer reports during the deposit account opening process.

back to top

Insured v. Insured Exclusion Ambiguous, California Court Finds: Bank Ds And Os Entitled to Coverage for FDIC Suit

Why it matters

In the latest decision to weigh in on the scope of the Insured v. Insured exclusion, a California court has held that it is ambiguous as applied to suits brought by the FDIC, and therefore does not preclude coverage for the directors and officers of a failed bank.

This is an encouraging decision in light of other courts that have found that the exclusion did apply. In fact, the court here noted the inconsistent results nationwide and held that those decisions put carriers on notice that the exclusion was, in fact, ambiguous, and it should have been made more clear in order to apply to an action brought by the FDIC. Compare (finding exclusion did not apply) with (Insured v. Insured exclusion applies).

Detailed discussion

In November 2009 the Office of the Comptroller of the Currency closed the Pacific Coast National Bank and the FDIC was appointed as receiver. Three years later the FDIC sued six former directors and officers of the bank for negligence, gross negligence, and breaches of fiduciary duty, alleging they approved various loans that resulted in millions of dollars of losses to the bank.

St. Paul Mercury Insurance, the bank’s directors and officers liability insurer, refused to defend the suit, relying upon the policy’s Insured v. Insured exclusion, which, in this case, precluded coverage for claims “brought or maintained by or on behalf of any Insured or Company [including the Bank] in any capacity. . . .” (Emphasis added.) The exclusion also contained a giveback of coverage for any claim that is a “derivative action brought or maintained on behalf of the Company by one or more persons who are not Directors or Officers and who bring and maintain such Claim without the solicitation, assistance or active participation of any Director or Officer.”

St. Paul filed a declaratory judgment action seeking an order that it was not required to defend the FDIC’s lawsuit and both parties filed summary judgment motions.

Finding the exclusion ambiguous, U.S. District Court Judge Andrew J. Guilford granted the insureds’ summary judgment.

Courts considering the Insured v. Insured exclusion in coverage disputes over FDIC lawsuits on behalf of failed banks have reached varying conclusions, the court noted, lending weight to the conclusion that the phrase “on behalf of” is ambiguous when applied to the FDIC. “There can be little doubt that repeated disputes over the IvI [Insured v. Insured] Exclusion have placed insurers on notice that it is ambiguous,” the judge wrote.

St. Paul “had the opportunity to make clear in the Policy that the IvI exclusion applied to [the FDIC], and it could have done so with a simple statement,” the court said. “Indeed, [St. Paul] provides an optional regulatory exclusion – not included in the policy here – that explicitly names the FDIC. It could have included similarly clear language in the IvI exclusion. Having failed to meet its burden ‘to phrase exceptions and exclusions in clear and unmistakable language,’ [St. Paul] cannot now benefit from the ambiguity.”

While the FDIC “steps into the shoes” of the bank when it takes over as receiver, the agency plays a multitude of roles and the insurer should have been more explicit in the policy, Judge Guilford wrote.

Even if the IvI exclusion did apply to the FDIC, the court added that the Shareholder Exception contained in the provision would bring the lawsuit back within the scope of policy coverage. The FDIC also represents the interests of the bank’s shareholders, the judge said, because under the Financial Institutions Reform, Recovery, and Enforcement Act, the FDIC as receiver succeeds to the rights not only of the failed bank, but also “of any stockholder, member, [or] accountholder . . . of such institution.”

“The Policy at issue here provides coverage for claims by shareholders, even for derivative actions brought by the shareholders on behalf of the Bank,” Judge Guilford said.

Although the complaint was not filed as a derivative action, the court asked, “On whose behalf does [the FDIC] bring these claims? The Shareholder Exception ‘evidences an intent to place on insurer the risk for actions against the D&Os based upon allegations of mismanagement, waste, fraud, or abuse of the failed institution. The Policy should therefore cover these claims if [the FDIC] pursues them under its authority to recover losses on behalf of shareholders. This is true even if the procedure by which [the FDIC] asserts the claims differs from the derivative action available to shareholders.”

The court also rejected St. Paul’s contention that an Unrepaid Loan Carve-Out in the policy barred coverage. Just because the FDIC complaint requested damages in the amount of certain unrepaid loans, the exclusion did not “unambiguously apply to cases where tortious conduct results in damages that might happen to be in the amount of unrepaid loans,” the judge wrote.

To read the order in St. Paul Mercury Insurance Co. v. Hahn, click here.

This article originally appeared in Manatt’s Insurance Recovery Law Newsletter on October 22, 2014. Please click here to read the full issue.

back to top