Financial Services Law

FDIC on Marketplace Lending, Supervisory Appeals and Communication

The latest regulator attempting to rein in controls on the marketplace lending industry is the Federal Deposit Insurance Corp. (FDIC). Marketplace lending to consumer borrowers generally runs through state-chartered banks. The FDIC is in the unique position of being able to regulate state-chartered, nonmember banks because most of them rely on their federal supervision in order to export their home state maximum interest rate under the Federal Deposit Insurance Act. Despite there being no history of reported claims by any marketplace lender that could threaten the deposit insurance fund of the FDIC, the FDIC is poised to take the offensive in regulating this industry, so as to better ensure the safety and soundness of its supervised banks. Thus, the FDIC has released multiple pieces of guidance on issues including third-party lending and changes to the supervisory appeals process as well as a reminder to financial institutions to maintain communication with examination staff.

What happened

Not taking a vacation this summer, the FDIC recently published three financial institution letters on important issues for banks.

In FIL-50-2016, the agency requested comment on draft guidance regarding third-party lending. The guidance provides safety and soundness and consumer compliance measures that FDIC-supervised institutions should follow when lending through a relationship with a third party, the agency explained, supplementing the FDIC’s existing Guidance for Managing Third-Party Risk, issued in 2008.

Defining third-party lending as “an arrangement that relies on a third party to perform a significant aspect of the lending process,” the proposed guidance references categories such as institutions originating loans for third parties, originating loans through third parties or jointly with third parties, and originating loans using platforms developed by third parties.

Managing and controlling the risks of third-party relationships can be “challenging,” the FDIC noted, particularly when origination volumes are significant or numerous third-party relationships are in place. To cope with the challenges, institutions should establish a third-party lending risk management program and compliance management system commensurate with “the significance, complexity, risk profile, transaction volume, and number of third-party lending relationships,” the agency advised.

As set forth in existing guidance, the risk management program and compliance management system should comprise four elements: risk assessment, due diligence and oversight, contract structuring and review, and oversight.

When reviewing such programs, examiners would consider credit underwriting and administration, loss recognition practices, the applicability of subprime lending guidance, capital adequacy, liquidity and funding, profitability and budgeting, accounting and allowance for loan and lease losses maintenance, consumer compliance, programs for safeguarding customer information, and information technology.

The proposed guidance would establish increased supervisory attention for institutions that engage in “significant” lending activities through third parties, defined to cover banks where such lending has a material impact on revenues, expenses or capital; involves large lending volumes in relation to the bank’s balance sheet; involves multiple third parties; or presents material risk of consumer harm. In such situations, the FDIC proposed a 12-month examination cycle, concurrent risk management and consumer protection examinations, off-site monitoring, and the possibility of the agency’s review of the third parties involved.

Comments on the proposal will be accepted until Oct. 27. The FDIC specifically asked for public input on the scope of the definition of third-party lending, whether the three categories delineated appropriately capture the various types of third-party lending arrangements, whether additional risks posed by the use of third parties should be recognized by the agency and whether the expectations for a risk management program provide an adequate framework.

Feedback about supervisory considerations and examination procedures—particularly the increased supervision for institutions engaged in “significant” lending activities—was likewise requested.

The FDIC also asked interested parties to weigh in on updates to guidelines for institutions to appeal certain material supervisory determinations in FIL-52-2016. Intended to expand the circumstances under which banks may appeal a material supervisory determination, the proposed amendments to the Guidelines for Appeals of Material Supervisory Determinations would be effective upon adoption.

Specifically, the changes would permit appeal of the level of compliance with an existing formal enforcement action and provide that a formal enforcement-related action or decision does not affect an appeal that is pending under the guidelines.

In another change, financial institutions would have additional appeal rights with respect to material supervisory determinations in certain circumstances, such as where the FDIC has provided an institution with a written notice of a recommended or proposed formal enforcement action but does not pursue the action within 120 days of the written notice or in the case of a referral to the attorney general for certain violations of the Equal Credit Opportunity Act.

Finally, the FDIC reissued a 2011 financial institution letter to reinforce the agency’s expectations for communications with banks. “An open dialogue with bank management is critical to ensuring the supervisory process is effective in promoting an institution’s strong financial condition and safe-and-sound operation,” according to the letter.

Prior to the conclusion of an examination, examiners will “thoroughly discuss” their findings and recommendations with senior management and provide management with an opportunity to respond, the FDIC said. Examiners will also engage in informal communication with bankers during the exam process, perhaps making verbal suggestions to address minor issues or describing effective practices they have observed at other institutions.

“This discourse fosters an effective flow of information between the regulator and the financial institution and helps ensure regulatory findings and recommendations are well understood,” the agency wrote. “The FDIC encourages bank management to provide feedback on FDIC supervisory activities and engage FDIC personnel in discussions to ensure full understanding of the FDIC’s supervisory findings and recommendations.”

If an institution disagrees with examination findings, it has several informal and formal avenues for raising its concerns, the FDIC noted, such as discussing the matter with the examiner-in-charge, contacting the appropriate field office or regional office personnel, filing a request for review under the FDIC’s formal appeals process for material supervisory determinations, or reaching out to the FDIC Office of the Ombudsman.

The agency also took the opportunity to note that FDIC policy prohibits “any retaliation, abuse or retribution by an agency examiner or any FDIC personnel against an institution,” and that banks should contact their regional directors if they believe retaliation has occurred.

To read FIL-50-2016, click here.

To read FIL-52-2016, click here.

To read FIL-51-2016, click here.

Why it matters

The FDIC explained that the revisions to the guidelines for institutions to appeal certain material supervisory determinations and the additional proposed guidance for third-party lending demonstrated an effort by the agency “to improve the transparency and clarity of the FDIC’s supervisory policies and practices, and to ensure that institutions have clear and fair avenues to pursue when there are differences of opinion regarding supervisory matters.” As for the reissued financial institution letter encouraging communication, the FDIC emphasized the importance of an open dialogue between banks and examiners, which it said can promote an institution’s financial condition and safe-and-sound operation.

back to top

CFPB’s Debt Collection Proposal an Industry Overhaul

In what the Consumer Financial Protection Bureau (CFPB) characterized as an “overhaul” of the debt collection industry, the agency proposed changes including capping collector contact attempts and making it easier for consumers to dispute debts.

What happened

Emphasizing the impact of the debt collection industry on consumers—citing a recent study that one in three consumers had been contacted by a creditor or collector trying to collect a debt within the past year, with one-third of those reporting an attempt to collect the wrong amount—the CFPB published proposals to increase protections pertaining to debt collection.

The current proposals would apply only to “debt collectors” as defined in the federal Fair Debt Collection Practices Act (FDCPA). Accordingly, these proposals generally would not extend to creditors collecting their own debts, coverage of which had been anticipated based on an earlier CFPB Advance Notice of Proposed Rulemaking. The CFPB stated that it expects to convene a second proceeding in the next several months for creditors and others engaged in collection activity who are covered persons under the Dodd-Frank Act but who may not be “debt collectors” under the FDCPA.

“This is about bringing better accuracy and accountability to a market that desperately needs it,” CFPB Director Richard Cordray said about the proposal, noting that debt collection generates more complaints to the CFPB than any other financial product or service.

Pursuant to the proposal, debt collectors would be required to “substantiate” a debt prior to contacting a consumer, confirming that the collector has certain “fundamental information” to initiate collection, including the consumer’s full name, last known address, last known telephone number, account number, date of default, amount owed at default, and date and amount of any payment or credit applied after default.

In a major change, collectors would be limited in the number of collection attempts permitted, capped at six communication attempts per week through any point of contact before they reach the consumer. Consumers would also be empowered to request that a debt collector stop using specific points of contact, such as a particular phone number or during certain hours. Also under consideration: a 30-day waiting period after a death before a collector can communicate with surviving parties.

Disputing a debt would be easier under the proposal, with collectors required to include more information about the debt in the initial collection notices. Along with information about the consumer’s federal rights, debt collectors would need to disclose when a debt is too old to form the basis of a legal action. The notice form sent to consumers would also feature a tear-off portion that consumers could send back to pay the debt or dispute it, listing options for why the consumer thinks the collector’s demand is incorrect.

If a consumer returns the tear-off portion of the notice or sends any other written notice within 30 days of the initial collection notice, debt collectors would be obliged to provide written information substantiating the debt to the consumer under the CFPB’s proposal. Collection attempts would be halted until the verification is sent.

In addition to the tear-off dispute mechanism, consumers would be permitted to verbally challenge a debt. The CFPB would require a stop to all collection attempts when a consumer questions a debt until the debt collector verifies all the necessary documentation. Collectors would be similarly prohibited from collection efforts if any “warning signs” are found, such as inaccurate or incomplete information.

Examples of warning signs include a portfolio with a high rate of disputes, the CFPB said, or the inability to obtain underlying documents to respond to specific disputes. Before pursuing a collection action in court, collectors would need to verify the debt documentation such as evidence of the amount of principal, interest or fees billed, as well as the date and amount of each payment made after default.

All the consumer rights established by the CFPB would remain for the life of the debt. So if a debt collector transferred the debt without responding to a dispute, the next collector would similarly be unable to collect until resolving the debt’s validity. The CFPB would also require the transfer of information from one debt collector to another so that consumers would not have to resubmit data.

To read an outline of the CFPB’s debt collection proposal, click here.

Why it matters

Regulations had not previously been issued under the FDCPA, and the current proposals would represent a major increase in the regulation of the debt collection industry. While the proposal addresses only third-party debt collectors, as discussed above, creditors should brace themselves for regulation as well, as the CFPB has indicated that a similar proposal for first-party debt collectors is forthcoming, based primarily on Dodd-Frank provisions prohibiting unfair, deceptive or abusive acts or practices. However, the CFPB’s proposal is only the first step in the rulemaking process. For the next move, the CFPB will convene a Small Business Review Panel to gather feedback from the industry. The CFPB also said it intends to gather input from the public, consumer groups, industry and other stakeholders before issuing proposed regulations (which will also be open to comment). Once all of these steps are completed, the CFPB can publish a final rule.

back to top

Virtual Currency May Not Be Money but Dismissal Is Real

Is bitcoin money? Not according to a Florida judge who threw out criminal charges against a defendant accused of money laundering and acting as an unlicensed money services business in violation of state law.

What happened

Working in conjunction with the U.S. Secret Service’s Miami Electronic Crimes Task Force, a member of the Miami Beach Police Department launched an investigation into the purchase and sale of Bitcoin in South Florida.

A special agent and the state detective spent some time on the Internet and decided to contact Michell Espinoza, or, as he was known online, “Michelhack.” Espinoza advertised that his contact hours were anytime and his preferred meeting places were Internet cafes or coffee stores. Based on his username and advertisement (which stated, “You will need to bring your wallet and your smartphone or the address the Bitcoin will be deposited to…”), the task force determined he might be engaged in unlawful activity.

With the detective acting in an undercover capacity, the task force initiated a Bitcoin trade with Espinoza. At the meeting, Espinoza agreed to sell 0.40322580 Bitcoin to the detective for $500. He also explained how the Bitcoin market worked and how he profited from the enterprise. Espinoza—who had no previous history of criminal activity—said he purchased the Bitcoin at 10 percent under market value and sold the Bitcoin at 5 percent above market value, netting him a profit of $83.67 on the sale.

At a second meeting, the detective spent $1,000 on Bitcoin and told Espinoza he planned to spend it on stolen credit card numbers obtained by Russians. The detective also asked Espinoza if he would be willing to accept stolen credit card numbers as a trade for Bitcoin, to which Espinoza replied he “would think about it.”

After a third purchase of another $500 worth of Bitcoin, the detective offered $30,000 and again discussed the illicit credit card operation. Espinoza was then arrested and charged with one count of unlawfully engaging in business as a money services business and two counts of money laundering. The prosecutor later added a charge of unlawfully operating as a “payment instrument seller.”

Espinoza moved to dismiss the charges, arguing that Bitcoin did not meet any of the statutory definitions of the counts he was charged under. The court agreed.

First tackling the question of whether Espinoza was engaging in the business of a money service business, Miami-Dade County Judge Teresa Pooler looked to the language of the statute to determine whether he was a money transmitter and payment instrument seller. Florida defines a “money services business” as a person “who acts as a payment instrument seller, foreign currency exchanger, check casher, or money transmitter,” while a “payment instrument” is defined as “a check, draft, warrant, money order, travelers check, electronic instrument, or other instrument, payment of money, or monetary value whether or not negotiable.”

The judge concluded that “[D]efendant’s sale of Bitcoin does not fall under the plain meaning of [the money transmitter statute].” Espinoza did not receive currency for the purpose of transmitting it to a third party as he did not act as a middleman. Instead, he acted as a seller. “The defendant purchases Bitcoin low and sells them high, the equivalent of a day trader in the stock market, presumably intending to make a profit,” the court said.

Further, Espinoza did not fall under the definition of “payment instrument seller” because Bitcoin does not fall under the statutory definition of “payment instrument.” Judge Pooler said, “The federal government, for example, has decided to treat virtual currency as property for federal tax purposes. ‘Virtual Currency’ is not currently included in the statutory definition of a ‘payment instrument’; nor does Bitcoin fit into one of the defined categories listed.”

Espinoza also failed to meet the statutory requirements for a money transmitter because he did not charge a fee for the transaction. “The Defendant solely made a profit,” the court said—$83.67 on the $500 transaction, for example. “The Defendant was not selling the Bitcoin for an employer. The Defendant was selling his personal property. The difference in the price he purchased the Bitcoin for and what he sold it for is the difference between cost and expenses, the widely accepted definition of profit.”

Considering virtual currency generally, the court noted that Bitcoin has some attributes in common with money (it can be exchanged for items of value and is accepted by some merchants and service providers) but differs in many respects. “This Court is not an expert in economics, however, it is very clear, even to someone with limited knowledge in the area, that Bitcoin has a long way to go before it is the equivalent of money,” Judge Pooler wrote.

Turning to the second charge, Judge Pooler explained that under state law, money laundering is “commonly understood to be the method by which proceeds from illicit activity (‘dirty money’) becomes legitimized.” This means, she added, that the money must be dirty to begin with.

Although the detective represented that he was planning to trade the Bitcoin for stolen credit card numbers, he did not represent that the cash he used to purchase the Bitcoin was the proceeds of an illegal transaction, the court noted. The statute also requires that the defendant undertake the transaction with the intent to promote the carrying on of the illegal activity, but the judge found the term “promote” to be “troublingly vague.”

“Is it criminal activity for a person merely to sell their property to another, when the buyer describes a nefarious reason for wanting the property?” the court asked. “Does ‘promoting’ require that there be more of an affirmative act or does the mere act of selling constitute promoting? Has a seller crossed into the realm of ‘promoting’ by virtue of simply hearing the illicit manner in which the buyer intends to use what’s been purchased?”

“There is unquestionably no evidence that the Defendant did anything wrong, other than sell his Bitcoin to an investigator who wanted to make a case,” Judge Pooler concluded. “This Court is unwilling to punish a man for selling his property to another, when his actions fall under a statute that is so vaguely written that even legal professionals have difficulty finding a singular meaning.”

To read the order in Florida v. Espinoza, click here.

Why it matters

The true impact of this case remains to be seen. While the order is well reasoned and well written, and its precedential value may extend well beyond Florida, the judge’s ruling in Florida itself could be limited. The court is only one of 11 circuit courts in Florida, the decision was handed down in the middle of a criminal proceeding, and the decision may not be binding on the regulator that is charged with interpreting the statute and determining whether a license is required to engage in the activity. However, as the judge recognized, the statute itself is infirm. As she said, “The Florida Legislature may choose to adopt statutes regulating virtual currency in the future. At this time, however, attempting to fit the sale of Bitcoin into a statutory scheme regulating money services businesses is like fitting a square peg in a round hole.”

It also should be noted that had this case been prosecuted under federal law, the results for Mr. Espinoza could have been quite different. Federal law requires persons engaged in the sale or exchange of virtual currencies to be registered as money services businesses—which Mr. Espinoza did not appear to be. Also, federal prosecutors do not need to rely on a state regulatory interpretation of its statute and could have reached a different conclusion on whether a money transmitter license was required under the state law. Thus, while the judge in the Espinoza case identified a number of problems with the Florida statutes and determined that the defendant had not violated the licensing statute, a federal judge could have reached a different conclusion. Likewise, the federal money laundering criminal statute (18 USC 1960) is not as limited in scope as the Florida statute and may have provided greater latitude to a federal prosecutor.

back to top

SEC Continues Crackdown on Severance Agreements

Why it matters

The Securities and Exchange Commission (SEC) continued its efforts against anti-whistleblowing provisions in severance agreements, fining one employer $265,000 for the use of an allegedly illegal clause. Atlanta-based BlueLinx Holdings violated securities laws by using severance agreements that required outgoing employees to waive their rights to monetary recovery should they file a charge or complaint with the SEC or other federal agencies. The prohibitions were used after August 2011, when the agency adopted Rule 21F-17 forbidding any action impeding an individual from communicating with the SEC about possible securities law violations. But the employer forced employees to waive their whistleblower rights or risk losing other post-employment benefits, the agency said. “We’re continuing to stand up for whistleblowers and clear away impediments that may chill them from coming forward with information about potential securities law violations,” said Stephanie Avakian, deputy director of the SEC’s Enforcement Division, in a statement about the BlueLinx action. “Companies simply cannot undercut a key tenet of our whistleblower program by requiring employees to forgo potential whistleblower awards in order to receive their severance payments,” added Jane Norberg, acting chief of the SEC’s Office of the Whistleblower.

Detailed discussion

In 2011, the SEC promulgated Rule 21F-17, which provides in part that “(a) No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement…with respect to such communications.” The rule was intended to fulfill the purpose of the recently enacted Dodd-Frank Wall Street Reform and Consumer Protection Act.

Both prior to August 2011, when Rule 21F-17 became effective, and after, BlueLinx entered into severance agreements with employees leaving the company and receiving some form of post-employment consideration. The Atlanta-based company has about 1,700 employees, and the “vast majority” of nonmanagement employees who left the company were asked to sign one of a variety of forms of severance agreements.

Although the forms differed somewhat, they contained some form of a provision prohibiting the employee from sharing—with anyone—confidential information concerning BlueLinx that the worker had learned while employed by the company, the SEC said, unless compelled to do so by law or legal process. These confidentiality provisions also required the employee to either obtain written consent from the legal department or provide written notice prior to providing confidential information in the event of legal process and provided no exception to permit the employee to voluntarily provide information to the SEC or other agencies. Approximately 18 BlueLinx employees signed an agreement containing these confidentiality provisions.

In 2013, the company amended its severance agreements, adding a new provision that stated: “Employee further acknowledges and agrees that nothing in this Agreement prevents Employee from filing a charge with…the Equal Employment Opportunity Commission, the National Labor Relations Board, the Occupational Safety and Health Administration, the Securities and Exchange Commission or any other administrative agency if applicable law requires that Employee be permitted to do so; however, Employee understands and agrees that Employee is waiving the right to any monetary recovery in connection with any such complaint or charge that Employee may file with an administrative agency.” About 160 employees signed agreements with this provision, the SEC said, which operated counter to the purpose of Rule 21F-17 and undermined the intent of Dodd-Frank.

“By including those clauses in its Severance Agreements, BlueLinx raised impediments to participation by its employees in the SEC’s whistleblower program,” according to the agency’s order. “By requiring departing employees to notify the company’s Legal Department prior to disclosing any financial or business information to any third parties without expressly exempting the Commission from the scope of this restriction, BlueLinx forced those employees to choose between identifying themselves to the company as whistleblowers or potentially losing their severance pay and benefits. Further, by requiring its departing employees to forgo any monetary recovery in connection with providing information to the Commission, BlueLinx removed the critically important financial incentives that are intended to encourage persons to communicate directly with the Commission staff about possible securities law violations.”

The agency ordered BlueLinx to pay a $265,000 fine and terminate use of the challenged provision. The company must also make reasonable efforts to contact the former employees who signed any of the severance agreements, provide them with an Internet link to the SEC order, and provide a statement that BlueLinx does not prohibit them from “providing information to, or communicating with, Commission staff without notice to the Company” or “accepting a whistleblower award from the Commission pursuant to Section 21F of the Exchange Act.”

Further, the company will add a new clause to its severance agreements: “Protected Rights. Employee understands that nothing contained in this Agreement limits Employee’s ability to file a charge or complaint with the Equal Employment Opportunity Commission, the National Labor Relations Board, the Occupational Safety and Health Administration, the Securities and Exchange Commission or any other federal, state or local governmental agency or commission (‘Government Agencies’). Employee further understands that this Agreement does not limit Employee’s ability to communicate with any Government Agencies or otherwise participate in any investigation or proceeding that may be conducted by any Government Agency, including providing documents or other information, without notice to the Company. This Agreement does not limit Employee’s right to receive an award for information provided to any Government Agencies.”

The action is the agency’s third against an employer based on allegations of Rule 21F-17 violations. In April 2015, the SEC filed and settled a case with a technology and engineering firm that instructed employees not to discuss the workings of an internal investigation without prior authorization by the law department, imposing a $130,000 fine.

Earlier this year, the agency included claims based on Rule 21F-17 in an action against a financial services institution that settled for $415 million, alleging the company failed to include a carve-out in the confidentiality provisions of its severance agreements allowing employees to voluntarily give confidential information to government agencies.

To read the order in In the Matter of BlueLinx Holdings Inc., click here.

back to top

manatt-black

ATTORNEY ADVERTISING

pursuant to New York DR 2-101(f)

© 2020 Manatt, Phelps & Phillips, LLP.

All rights reserved