• REGULATORY • NEW LAWSUITS • NOTABLE CASE DEVELOPMENTS • INTERCHANGE FEE LITIGATION ISSUE SIX I DECEMBER 2024 • ENFORCEMENT
ISSUE 6 | 3 REGULATORY CFPB Finalized Rule on Subjecting Large Nonbank Consumer Digital Payment Companies to Federal Oversight On November 21, 2024, the Consumer Financial Protection Bureau (CFPB) finalized a rule to supervise the largest nonbank companies offering digital funds transfer and payment wallet apps. This rule applies to companies that (1) facilitate an annual covered consumer payment transaction volume of at least 50 million transactions as defined in the rule; and (2)arenotconsideredsmallbusinesses.Thefinalruledefines“consumerpaymenttransactions” to include payments to other persons for personal, household, or family purposes, excluding certain transactions as described in more detail in Part V of the final rule. The CFPB estimates that only seven companies will be subject to the final rule, accounting for over 13 billion consumer payment transactions each year. The final rule subjects these companies to supervision of existing financial services regulations, including (1) personal financial data rights, which impose requirements on how large tech companies collect and share data about individual transactions; (2) Regulation E, which establishes protocols for disputing incorrect or fraudulent transactions; and (3) unfair, deceptive, or abusive acts or practices. In the final rule, the CFPB made several significant changes from its initial proposal. The transaction threshold determining which companies require supervision is now substantially higher, from 5 million to 50 million annual transactions. The CFPB also limited the final rule’s scope to include only transactions conducted in U.S. dollars. Trade Groups Send Letter to Senate Judiciary Committee Warning of Negative Ramifications of the Credit Card Competition Act On October 22, 2024, the American Bankers Association, America’s Credit Unions, Bank Policy Institute, Consumer Bankers Association, Electronic Payments Coalition, Independent Community Bankers of America, Mid-Size Bank Coalition of America, and National Bankers Association sent a letter to the Senate Judiciary Committee opposing the Credit Card Competition Act (CCCA). The CCCA seeks to impose mandated competition between credit card networks, and drive down credit card interchange fees, by requiring larger credit card issuing banks to ensure that at least two credit card networks are available to merchants for routing each credit card transaction. According to the trade groups, the CCCA would increase consumer costs and put small businesses at a further competitive disadvantage. The trade groups cited research projecting that the CCCA would increase the cost of checking accounts services by $1.3 billion to $2 billion a year, with the majority of the costs borne by low-balance consumers. According to the trade groups, exempt community banks and credit unions would still be negatively affected by the interchange fee cap, especially since exempt institutions interchange revenues decreased by 30% after the Durbin Amendment. The trade groups also expressed concern that the CCCA would “open the door to fraud, hamper rewards programs, and limit the allocation of credit to individuals and small businesses.” CFPB Finalizes Open Banking Rule On October 22, 2024, the CFPB issued its final “open banking” rule aimed at carrying out the personal financial data rights established by the Consumer Financial Protection Act of 2010. The final rule (1) requires banks, credit unions, and other financial service providers to make consumers’ data available upon request to consumers and authorized third parties in a secure and reliable manner; (2) defines obligations for third parties accessing consumers’ data, including important privacy protections; and (3) promotes fair, open, and inclusive industry standards. In general, the final rule requires a “data provider” to make “covered data” about “covered financial products and services” available in electronic form to consumers and to certain “authorized third parties” upon request. A data provider includes depository institutions (including credit unions) and non-depository institutions that issue credit cards, hold transaction accounts, issue devices to access an account, or provide other types of payment facilitation products or services. In general, covered data includes information about transactions, costs, charges, and usage. The rule includes a number of functional requirements intended to ensure data providers make covered data available reliably, securely, and in a way that promotes competition. A data provider must make covered data available to authorized third parties in a standardized and machine-readable format and in a commercially reasonable manner, including by meeting a minimum response rate for requests for covered data. The rule also states that a data provider must not unreasonably restrict the frequency with which it receives or responds to requests for covered data from an authorized third party. Under the final rule, a third party must certify to limit its collection, use, and retention of covered data to what is reasonably necessary to provide the consumer’s requested product or service. For purposes of this certification, targeted advertising, cross-selling, and the sale of covered data are not part of, or reasonably necessary to provide, any other product or service. The final rule includes examples of uses that are considered reasonably necessary to provide consumer-requested products or services. Financial services providers should prepare to comply with this new rule in phases. The largest institutions will need to comply by April 1, 2026, while the rule is phased in over stages through April 1, 2030 for smaller institutions based on their total asset size. Depository institutions with less than $850 million in total assets are exempt from the rule. CFPB’s Open Banking Rule
ISSUE 6 | 5 CFPB Sued over New Open Banking Rule Forcht Bank N.A., et al. v. Consumer Financial Protection Bureau, et al., No. 5:24-cv-00304 (E.D. Ky.). On October 22, 2024, the same day the CFPB issued its open banking rule, the Bank Policy Institute, Kentucky Bankers Association, and a community bank in Kentucky filed a lawsuit against the CFPB. The new rule requires financial institutions and firms to transfer personal financial data at no cost to other providers at the request of a consumer. This requirement is meant to ease the process of changing financial providers for consumers and allow greater consumer control of their personal financial information. In turn, the CFPB intends for this change to encourage better service and products from financial providers. The complaint alleges that the new rule is not only unnecessary but actually harms consumers by jeopardizing the safety of sensitive consumer financial information. The plaintiffs allege that the new rule impedes their ability to protect consumer financial data from third parties and will increase the risks of fraud and misuse of customer data. The plaintiffs assert that the rule is also unlawful because the CFPB exceeded the statutory authority granted by Section 1033 of the Dodd–Frank Act in three ways. According to the plaintiffs, Section 1033 does not authorize the CFPB to (1) dictate the terms on which banks must furnish consumer data to third parties; (2) ban banks from charging any fees to the third parties; or (3) delegate regulatory authority to private organizations. Additionally, the complaint alleges that the CFPB violated the Administrative Procedure Act by using an “arbitrary and capricious” framework to adopt the rule. The plaintiffs request a declaratory judgment that the rule exceeds the CFPB’s statutory authority and is arbitrary and capricious. The complaint also requests a number of orders: (1) an order setting aside the rule; (2) an order permanently enjoining the CFPB from enforcing the rule against the plaintiffs and their members; (3) an order delaying the effective date and implementation of the rule pending the conclusion of the case; and (4) an order awarding the plaintiffs their costs and attorneys’ fees in bringing the action. CFPB’s Open Banking Rule FDIC Proposes Rule on Bank–Fintech Partnership Risks In September 2024, the Federal Deposit Insurance Corporation (FDIC) proposed new recordkeeping rules for banks working with fintech companies. Under the proposed rules, FDIC-insured banks that partner with fintechs to provide deposit products and services would be required to maintain records identifying the beneficial owners of all account deposits. Banks would also be required to reconcile accounts for every individual owner each day. FDIC Chair Martin Gruenberg said that the new recordkeeping requirements are designed to “ensure consumers have timely access to their funds, even if a bank fails,” since issues have arisen when a fintech pools customer deposits in a single bank account. The proposed rulemaking was unanimously approved by the FDIC’s board of directors. Associations Disagree with CFPB Agreeing with New York Attorney General’s Interpretation of Wire Transfer Exemption On June 22, 2024, representatives of the Clearing House Association, Bank Policy Institute, New York Bankers Association, and American Bankers Association sent an open letter to the CFPB general counsel about the CFPB’s support of the New York attorney general’s narrow interpretation of the Wire Transfer Exemption to the Electronic Fund Transfer Act (EFTA). The associations’ open letter was sent in response to the CFPB filing an amicus brief in New York v. Citibank N.A. in May 2024 (refer to the Litigation section for an analysis of the related litigation) and publishing a blog post in which the CFPB contends that the originating portions of consumer wire transfers do not fall within the Wire Transfer Exemption of the EFTA. The associations noted that the amicus brief and blog post reflect a reversal from the CFPB’s prior stance that the originating portions of consumer wire transfers do in fact fall under the exemption and are therefore governed by Article 4A of the Uniform Commercial Code. The associations pointed out that since 1990, the CFPB has consistently expressed the view that the EFTA does not apply to payment orders from consumer accounts. The associations also expressed the opinion that the CFPB’s prior position is the only plausible interpretation of the statute and changing course would be wrong as a matter of law. Furthermore, the associations claimed that by indicating a new interpretation of the EFTA in an amicus brief and blog post without any of the procedures required by the Administrative Procedure Act, the CFPB’s actions were improper as a matter of process as well. The associations’ letter comes after the CFPB filed an amicus brief in support of the New York attorney general in a different lawsuit that accused Citibank of failing to deploy sufficiently robust data security measures to protect consumer financial accounts, respond appropriately to red flags, or limit theft by scam.
ISSUE 6 | 7 Illinois Passes Novel Restriction on Collection of Interchange Fees On June 7, 2024, the Illinois state legislature signed into law the Illinois Interchange Fee Prohibition Act (IFPA), which will ban issuers, acquirers, payment processors, and card networks from charging interchange fees on the gratuities and taxes included in debit or credit card transactions. The restriction is the first of its kind in the United States and is set to become effective in July 2025. The IFPA allows merchants to ensure no interchange fees are charged on gratuities or taxes by (1) allowing the merchants to designate gratuities and taxes at the time of the transaction; or (2) permitting the merchant to seek reimbursement of interchange fees on gratuities and taxes within 180 days of the transaction. The IFPA also restricts banks and other entities from using transaction data for purposes other than processing the transaction, except as required by law, and sets a civil penalty of $1,000 per transaction. The IFPA has raised questions of how it will impact consumer transactions, including whether it will cause consumers to have to conduct two separate transactions for a single purchase: one payment for the goods or services, and a second payment for the tax and tip that is not subject to interchange fees. Several banking associations have joined together in a lawsuit challenging the IFPA, arguing it is preempted by federal law, unconstitutional, and invalid. (Refer to the Litigation section for an analysis of the related litigation.) CFPB Finalizes Rule Standardizing Industry Bodies On June 5, 2024, the CFPB finalized a rule that outlines the qualifications to become a recognized industry standard-setting body that can issue standards that companies can use to help them comply with the CFPB’s upcoming Personal Financial Data Rights Rule. The rule aims to give consumers more control over their financial data and make it easier to share it safely and securely. To be recognized by the CFPB, the standard setters must apply to the CFPB and display the following attributes: (1) openness; (2) transparency; (3) balanced decision-making; (4) consensus; and (5) due process and appeals. The rule also contains a step-by-step guide to help interested standard-setters apply for recognition. The rule also provides a process for the CFPB to revoke recognition for a standard-setting body, and it sets a five-year limit on recognition after which a standard-setting body must reapply. CFPB Creates New Public Registry for Nonbank Corporate Repeat Offenders On June 3, 2024, the CFPB finalized a rule to establish a registry for nonbank corporate entities that have violated consumer laws and are subject to federal, state, or local court orders. Nonbank companies will be required to register after becoming subject to certain final public orders based on alleged violations of specific consumer-protection laws. The registry will collect information from certain publicly available agency and court orders to facilitate CFPB supervision. It is intended to help identify repeat offenders and hold offenders publicly accountable. Registry requirements include basic identifying information about the violator and any orders within 90 days of the effective date of the order. Certain entities and orders are excluded under the rule. The final rule went into effect on September 16, 2024. Registration requirements began in October 2024. CFPB and FTC Address Junk Fees On May 30, 2024, the CFPB opened a public inquiry into “junk fees” contributing to rising mortgage closing costs. According to the CFPB, junk fees have been on the rise in recent years in lockstep with the median total loan cost for home mortgages. The inquiry seeks to understand why the junk fees are increasing closing costs, who is benefiting from the increase, and how these costs can be lowered. The CFPB is calling on the public to provide insight into the closing costs experienced by borrowers and lenders alike. In particular, the CFPB wants information on how much competitive pressure influences closing costs, how fees are set, oversight, and who is benefiting the most from the increase. The CFPB is also inquiring about which costs have increased the most, such as distinguishing whether credit report costs or title insurance costs are contributing more or less than other fees that come with closing. The public inquiry follows on the heels of two other rules proposed by the CFPB to target junk fees. Specifically, on January 17, 2024, the CFPB proposed a rule to remove an exemption that allowed banks to avoid Regulation Z coverage of their overdraft practices by granting them on a “discretionary” basis as opposed to committing in writing to offering overdrafts to consumers. Then, on January 24, 2024, the CFPB proposed a rule that would prohibit fees for insufficient funds (NSF) on instantaneous or near-instantaneous transactions.
ISSUE 6 | 9 CFPB’s BNPL Interpretive Rule CFPB Interpretive Rule Classifies Buy Now, Pay Later Loans as Credit Cards On May 22, 2024, the CFPB issued an interpretive rule identifying lenders that issue buy now, pay later (BNPL) digital user accounts as credit card issuers under Regulation Z because the digital user accounts are considered“credit cards”under the same regulation. This classification means that BNPL lenders are now required to provide consumers with the protections and rights that come with traditional credit cards under Regulation Z, including certain dispute and refund requirements. Specifically, BNPL lenders are now required to investigate consumer disputes, refund returned products or canceled services, and provide periodic billing statements to consumers, if they were not already. The guidance became effective on July 30, 2024. This rule was born of BNPL consumer concerns about access to reimbursement and other protections that come with shopping on credit, particularly as this method of payment has expanded in popularity in recent years. In a recent market report, the CFPB found that at least 13% of BNPL transactions involved a return or disputed issue without protections, creating difficulties for shoppers and ultimately leading to the rule. On September 18, 2024, the CFPB issued a set of FAQs to help lenders transition into compliance, and the agency stated that it does not plan to enforce the rule during this transitional phase. The CFPB has received industry pushback in response to this rule. BNPL lenders have said that they share the CFPB’s goal of keeping consumers safe and already offer to their consumers many of the applicable protections required by Regulation Z. However, several BNPL lenders have expressed concerns that: (1) not all Regulation Z requirements are suited to the unique and varied structure of BNPL loans; (2) the CFPB’s interpretative rule does not provide sufficient guidance on BNPL lenders’ new regulatory obligations; and (3) the interpretive rule does not provide BNPL lenders enough time to come into compliance. Some bank groups have called on the CFPB to rescind the guidance and release it as a formal proposed rule, arguing that the CFPB violated the Administrative Procedure Act by creating new substantive law without going through notice-and-comment rulemaking. CFPB’s BNPL Interpretive Rule Association Sues CFPB over BNPL Interpretive Rule Financial Technology Association v. Consumer Financial Protection Bureau, No. 1:24-cv-02966 (D.D.C.). The CFPB has received industry pushback against the interpretive rule that requires BNPL loan providers to qualify as credit card providers under federal law and require that they extend certain credit-card-like protections to consumers. That pushback has materialized in a new lawsuit filed by the Financial Technology Association (FTA) on October 18, 2024. The FTA asserts that the CFPB is seeking to fundamentally change the regulatory treatment of BNPL products without adhering to required rulemaking procedures, exceeding its statutory authority in an unreasonable manner. According to the FTA, the CFPB’s attempt to impose regulations designed for credit cards on BNPL products shows an underlying misunderstanding of BNPL. In its complaint, the FTA asserts that the interpretive rule violates the Administrative Procedure Act because (1) the CFPB skipped the notice-and-comment requirements by putting an “interpretive rule” label on it; (2) it exceeds the CFPB’s statutory authority; and (3) it is arbitrary and capricious and an abuse of discretion. The FTA alleges that the CFPB overlooked that certain obligations the interpretive rule purports to impose are a poor fit for BNPL products and it grants insufficient time for BNPL providers to come into compliance with the new obligations.
ISSUE 6 | 11 CFPB’s Overdraft Lending Rule CFPB’s Overdraft Lending Rule CFPB Finalizes Overdraft Lending Rule On December 12, 2024, the CFPB issued its final “overdraft lending” rule aimed at curbing overdraft fees charged by banks and credit unions with more than $10 billion in assets, also known as very large financial institutions (VLFIs). The CFPB characterized the rule as closing an outdated overdraft loophole that exempted overdraft loans from lending laws. This is the most recent development in the CFPB’s effort to address so-called junk fees. Under the final rule, VLFIs will have to choose one of the following options when charging overdraft fees: (1) capping their overdraft fees at $5; (2) capping their overdraft fees at an amount that covers their costs and losses; or (3) disclosing the terms of their overdraft “loans” like they would for regular loans. At its core, the CFPB’s rule turns on a reinterpretation of the Truth in Lending Act’s (TILA) definition of “credit” and an amendment to the definition of “finance charge” under Regulation Z (TILA’s implementing regulation) to include overdraft fees. TILA defines “credit” as “the right … to defer payment of debt or to incur debt and defer its payment,” and this definition has traditionally been understood to not encompass overdraft fees. Under the CFPB’s interpretation, however, overdraft fees would now be included. And as a finance charge, overdraft fees would be subject to additional regulatory requirements under TILA, the Credit Card Accountability Responsibility and Disclosure Act, and the EFTA. VLFIs should prepare to comply with this new rule by its effective date of October 1, 2025. CFPB Sued over New Overdraft Lending Rule Mississippi Bankers Association, et al. v. Consumer Financial Protection Bureau, et al., No. 3:24cv-00792 (S.D. Miss.). On the same day the CFPB issued the final overdraft rule, a group of financial trade associations – including the Mississippi Bankers Association, Consumer Bankers Association, American Bankers Association, and America’s Credit Unions – filed a lawsuit against the CFPB challenging the rule and seeking an injunction. The complaint alleges that the new rule purports to rely primarily on TILA – a statute covering disclosure obligations for credit products – to impose an expansive and complex new regulatory regime on overdraft services offered by large financial institutions, replete with de facto price caps and significant restrictions on the terms under which the services can be offered. The plaintiffs bring four challenges to the rule under the Administrative Procedure Act. First, they allege that the CFPB exceeded its statutory authority under TILA by interpreting “credit” as extending to overdraft fees and amending “finance charge” to include overdraft fees. This, they argue, implicates the major questions doctrine – which bars agencies from making major policy decisions without clear congressional authorization – because the final rule will likely impact millions of Americans and billions of dollars of transactions. Second, the plaintiffs allege the CFPB exceeded its statutory authority under TILA by imposing substantive credit restrictions when TILA is merely a disclosure statute. They argue this too implicates the major questions doctrine. Third, the plaintiffs allege that the CFPB exceeded its statutory authority under the Consumer Financial Protection Act of 2010 by imposing an unlawful fee cap on discretionary overdraft fees because the Act itself expressly prohibits this kind of fee cap: the CFPB is prohibited from “establish[ing] a usury limit applicable to an extension of credit offered or made by a covered person to a consumer.” Finally, the plaintiffs allege that the rule is arbitrary and capricious in violation of the Administrative Procedure Act because, among other things, it: (1) contains an inadequate cost-benefit analysis; (2) does not explain the change in the CFPB’s interpretation of TILA – namely, the CFPB’s reinterpretation of the definition of “credit” as encompassing overdraft fees; and (3) targets large institutions by imposing a $10 billion asset threshold but ignores smaller financial institutions that charge similar overdraft fees.
ISSUE 6 | 13 ENFORCEMENT CFPB Enters into a Consent Order for Violations Resulting from Digital Banking Services Transition On October 31, 2024, the CFPB entered into a consent order with VyStar Credit Union over VyStar’s handling of the transition of its digital banking services to a new vendor, which resulted in consumers losing access to their accounts for up to seven months. In May 2022, VyStar attempted to launch a new digital banking platform for online and mobile banking that resulted in near-total loss of access to digital banking services. Between May and December 2022, consumers were unable to access and manage their accounts online, make internal transfers, make payments on credit cards and loans, set up recurring payments, or access full transaction histories. Consumers were charged fees for insufficient funds, overdrafts, late payments, and bounced checks, as well as fees to use alternative payment methods, such as wire transfers, while digital banking services were inaccessible. The CFPB alleges that VyStar failed to follow its procurement procedures and selected a vendor with insufficient experience for the project. According to the CFPB, VyStar also failed to effectively manage its vendor, rushed the project timeline, and ignored warning signs of issues with the new digital banking platform before its launch. The CFPB ordered VyStar to pay a penalty of $1.5 million to the CFPB. To determine the amount of consumer redress, the CFPB ordered VyStar to submit a written plan for identifying and calculating the fees, costs, and interest that were charged to consumers as a result of the interruption to the digital banking services. VyStar is also required to implement a compliance plan targeting improving vendor management and its policies, procedures, and practices governing any changes or upgrades to its digital banking services. Federal Reserve Board and State Regulator Impose $63 Million AML Fine In July 2024, federal and state regulators fined Silvergate Bank $63 million for allegedly failing to monitor transactions in compliance with anti-money laundering laws. Silvergate began servicing foreign and domestic digital financial asset companies in 2014, which allowed the bank to grow rapidly. In 2017, the bank created the Silvergate Exchange Network to facilitate U.S. dollar internal bank transfers among its customers. The Federal Reserve Board investigated Silvergate and identified deficiencies in Silvergate’s monitoring of these internal transfers. Ultimately, the Federal Reserve Board fined Silvergate Bank and its holding company $43 million. The California Department of Financial Protection and Innovation (DFPI) fined the bank an additional $20 million. On the same day that these fines were announced, the SEC charged Silvergate with negligence-based securities fraud, alleging that the bank failed to monitor more than $1 trillion in customer transactions between 2021 and 2023. The holding company agreed to settle with the SEC for $50 million, which will be offset by payments to the Federal Reserve Board and the DFPI. Silvergate did not admit or deny any of the allegations levied against it, but it has agreed to pay the fines in its effort to wind down operations. CFPB Settles Enforcement Action Brought Against Bank In July 2024, the CFPB and Fifth Third Bank announced that they had entered a settlement agreement to resolve both the CFPB’s litigation against the bank related to sales practices and a separate investigation into the bank’s auto finance servicing activities. The CFPB had taken action against Fifth Third Bank for allegedly charging extra fees for unnecessary and duplicative vehicle insurance and punishing borrowers with repossession, as well as for opening unauthorized accounts in customers’ names. Pursuant to the settlement agreement, Fifth Third Bank will pay $5 million for the challenged vehicle insurance practices and $15 million for the alleged fake account practices. Fifth Third Bank also agreed to pay redress to roughly 35,000 customers affected by its alleged actions. The CFPB has proposed that Fifth Third Bank should be prohibited from setting performancemanagement and sales goals for bank employees because the CFPB found that the bank’s managers and branch-level employees had their sales goals and performance evaluations tied to the number of new accounts they opened. The CFPB claimed that, through its policies, Fifth Third was incentivizing employees to open fake accounts. The CFPB called FifthThird a“repeat offender,”referring to the two actions the agency took against the bank in 2015. One of these actions was taken in response to Fifth Third’s discriminatory loan pricing, and the other was for the bank’s illegal credit card practices. As a result of those actions, Fifth Third had to pay $18 million to affected Black and Hispanic borrowers, $3 million to customers affected by the illegal credit card practices, and a $500,000 penalty to the CFPB. Federal Reserve Board Fines Prepaid Debit Card Issuer for Alleged Deficient Compliance Risk Management Framework In July 2024, the Federal Reserve Board fined prepaid debit card issuer Green Dot $44 million for certain alleged deficiencies relating to its compliance risk management framework. The Federal Reserve Board alleged that Green Dot violated consumer law in its marketing, selling, and servicing of prepaid debit card products and its offering of tax return preparation payment services. Specifically, Green Dot allegedly failed to adequately disclose the tax refund processing fee for tax preparation services offered on a third party’s website. The Federal Reserve Board also asserted that Green Dot blocked access to accounts of legitimate customers receiving unemployment benefits and lacked reasonable policies and procedures to help those customers cure those blocks. Further, the Federal Reserve Board alleged that Green Dot did not maintain effective consumer compliance risk management or programs against money laundering. Lastly, the Federal Reserve Board accused Green Dot of misrepresenting to consumers that they could register their prepaid debit card accounts via telephone or online, when in reality, registering their cards over the phone was not an option. Green Dot has agreed to hire an independent third-party monitor to strengthen its consumer compliance risk management program and to address the “root causes” of any customer complaints. Green Dot has also been directed by the Federal Reserve Board to develop effective money-laundering controls and hire a third party to review certain transactions.
ISSUE 6 | 15 NEW LAWSUITS Lunch Money “Convenience Fees” Under Fire Myers, et al. v. Cybersoft Technology Inc., No. 2:24-cv-07186 (C.D. Cal.). A nationwide class action was filed against Cybersoft Technology, alleging that the defendant’s payment processing platform SchoolCafe repeatedly overcharged depositors whenever they deposited money into their children’s school lunch accounts. According to the plaintiffs, SchoolCafe imposes a deceptive “convenience fee” at the end of a long process for depositing lunch money into student accounts and does not make it clear that there are other options for parents to pay for lunches that do not involve the fees. The plaintiffs assert that, by mischaracterizing its true fee practices, Cybersoft breached the terms of its contract with the school district and the implied covenant of good faith and fair dealing. The plaintiffs also allege that, to the detriment of parents, Cybersoft has been unjustly enriched as a result of the convenience fees because school districts already pay Cybersoft for its service, and parents then have to pay them again, allowing the company to essentially charge twice for the same service. The plaintiffs also allege that the flat fee model disproportionately affects low-income families because the fee is the same regardless of how much money is deposited and regardless of whether the student receives reduced price lunches. Finally, the plaintiffs assert that Cybersoft’s conduct violates various states’ consumer protection laws. The complaint seeks declaratory and injunctive relief as well as both compensatory and punitive damages. Cybersoft’s deadline to respond to the complaint was recently extended from November 14, 2024 to December 16, 2024. DOJ Asserts Monopolizing Debit Card Market U.S. v. Visa Inc., No. 1:24-cv-07214 (S.D.N.Y.). On September 24, 2024, the U.S. Department of Justice (DOJ) filed an action against Visa accusing it of illegally maintaining a monopoly over debit card networks by using its dominance to thwart competition from new and existing rivals. The DOJ asserts that Visa is violating antitrust laws by penalizing merchants and banks that route payments through alternative payments systems and by partnering with would-be competitors rather than competing. Specifically, the DOJ argues that Visa’s anticompetitive conduct has harmed competition in three ways: (1) Visa takes advantage of its must-have status to exercise its monopoly power and deny a level playing field for its rivals and deprive them of scale; (2) Visa’s conduct forecloses competition in a substantial portion of the relevant debit markets; and (3) Visa’s conduct subverts the competitive process. The suit alleges this conduct has allowed Visa to maintain control over 60% of all debit transactions in the United States and to charge over $7 billion in fees each year for processing those transactions. CFPB Files Suit for Allegedly Trapping Families in High-Fee Credit Cards Consumer Financial Protection Bureau v. Reliant Holdings Inc., No. 2:24-cv-01301 (W.D. Pa.). On September 13, 2024, the CFPB sued Horizon Card Services and its CEO, sole shareholder, and owner for allegedly targeting financially vulnerable, subprime consumers with advertisements that promised a credit card with a specified credit limit that required no credit check. The CFPB asserts that in reality, Horizon Card Services charged consumers substantial mandatory fees to access a membership program that included a credit card that could be used only to make purchases from an online store owned by Horizon Card Services and ancillary products that had limited value and were rarely used by consumers. The CFPB claims that because of this deceptive conduct, and the extremely limited utility of the products that could be purchased with this credit card, most customers quickly dropped out of the membership program without using the credit card, thereby paying fees and receiving nothing of value in return. The CFPB asserts that the defendants also made it unreasonably difficult for consumers to cancel their memberships and obtain refunds. The CFPB alleged counts for (1) deceptive and abusive acts or practices that violate the Consumer Financial Protection Act of 2010; and (2) violations of the Truth in Lending Act. Credit Card Holders Challenge Proposed Acquisition Baker, et al. v. Discover Financial Services Inc., et al., No. 1:24-cv-01265 (E.D. Va.). Two Capital One credit card holders have filed a class action in Virginia federal court seeking to block Capital One’s $35 billion purchase of Discover. The cardholders allege the acquisition will drive down competition and further consolidate the credit card market and therefore reduce pricing pressure on Capital One and other card issuers. The plaintiffs allege that between Capital One and Discover, the proposed single issuer would control 13.68% of the card market, allowing Capital One to charge higher prices and interest rates on consumers. Capital One responded by contending the cardholders’ allegations of harm are speculative, uncertain, and not imminent. According to Capital One, the acquisition will increase payment network competition because the bank can provide a boost to Discover, the fourth-largest card network. The proposed acquisition has drawn additional scrutiny from the New York Attorney General’s Office, which filed a petition on October 24, 2024 asking a state court judge to issue Capital One a subpoena related to the office’s probe of the acquisition. The DOJ is also reviewing the proposed deal and served each company with demands seeking information and documents. The proposed acquisition still awaits approval from the Federal Reserve and Office of the Comptroller of the Currency.
ISSUE 6 | 17 Account Holders File Class Action Challenging Fraudulent Electronic Transfers Rice v. Wells Fargo Bank NA, No. 2:24-cv-02647 (E.D. Pa.). This past summer, Wells Fargo joint checking and savings account holders filed a class action against Wells Fargo in Pennsylvania federal court alleging that Wells Fargo improperly holds consumers liable for unauthorized electronic fund transfers made out of their deposit accounts, violating the EFTA and the bank’s fiduciary duties. The plaintiffs claim to be victims of a thirdparty wire fraud scheme that featured a bad actor impersonating a Wells Fargo representative and convincing the plaintiffs to provide information necessary to wire funds from their Wells Fargo accounts to the fraudster’s account at another bank. The plaintiffs purport to bring the class action on behalf of all persons in the United States who had funds electronically transferred from a deposit account held with Wells Fargo who did not authorize the transfer and were not reimbursed by Wells Fargo within one year before the filing of the complaint. On September 20, 2024, Wells Fargo filed a motion to dismiss and compel arbitration of the dispute. Wells Fargo argues the plaintiffs’ account agreements contain a binding arbitration provision that covers this dispute. Wells Fargo also argues the plaintiffs’ claims should be dismissed because the dispute involves a wire transfer that is not subject to the EFTA and the plaintiffs facilitated a breach of Wells Fargo’s security procedures by providing access to their accounts. The court has not yet ruled on the motion. FTC Files Lawsuit Against Online Bill Pay Platform Federal Trade Commission v. Doxo Inc., et al., No. 2:24-cv-00569 (W.D. Wash.). The FTC filed a consumer protection lawsuit in Washington federal court against Doxo Inc., an online bill pay platform, and two of its founders. The FTC alleges that Doxo and its founders misled consumers into believing Doxo is affiliated with companies that consumers owe bills to. According to the complaint, Doxo improperly tacks on fees by tricking consumers into thinking they have reached their billers’ official payment page when in reality, Doxo is an unauthorized payment processor unaffiliated with the biller. The FTC claims that once consumers provide their billing details, Doxo shows a final payment amount, onto which the company tacks an extra fee included only at the final payment step. The complaint alleges violations of the FTC Act, Restore Online Shoppers’ Confidence Act, and Gramm–Leach–Bliley Act. On June 24, 2024, Doxo filed a motion to dismiss the action, arguing its online bill-pay website clearly conveys that the company is not affiliated with any one biller and that the company charges separate fees, typically around $3.99 per payment. Doxo points to multiple disclaimers and the distinctive Doxo word mark, logo, banners, and colors that show no reasonable consumer would be confused about which page they were on. Doxo has also argued that before the complaint was filed, it provided the FTC more than 300,000 pages of company records and cooperated in the agency’s investigation to make the necessary changes to its landing pages. The court has not yet ruled on the motion to dismiss. On the heels of the FTC’s lawsuit, a consumer filed a class action in the same federal court against Doxo and its founders, echoing the FTC’s claims that Doxo disguised itself as the official online payment processor for legitimate businesses. That case is also still pending. NOTABLE CASE DEVELOPMENTS Merchant Class Goes to Arbitration, Then Goes to Court 5-Star General Store, et al. v. American Express Company, No. 1:24-cv-00106 (D.R.I.). On December 2, 2024, the District of Rhode Island rejected an attempt by American Express to send a putative merchant class action to arbitration. The court also rejected AmEx’s related motion to strike class allegations from the operative complaint. The dispute stems from provisions in AmEx’s Merchant Operating Guide, which prohibits merchants from stating a preference for another card, disclosing AmEx transaction costs to consumers, or charging more to consumers who use an AmEx rather than another card. It also requires disputes to be arbitrated, rather than heard in court. The merchants sought to challenge the prohibitions in the Merchant Operating Guide under federal antitrust laws, and pursuant to the guide they began in arbitration. Once in arbitration, AmEx balked at a requirement that it pay $3,150 per claim in arbitrator fees and costs on 5,155 claims. When AmEx refused to pay, the arbitrator administratively closed all 5,155 individual claims. With the arbitrations closed, the merchants sued in federal court. AmEx moved to compel arbitration, citing the provision in the Merchant Operating Guide requiring disputes to be arbitrated. The court, noting the “ironic dilemma,” denied the motion. In particular, the court ruled that AmEx’s failure to pay its assigned arbitration fees rendered it “in default” under the Federal Arbitration Act, rendering the court powerless to order arbitration. The decision means that AmEx must face the class in federal court. California Court Dismisses Suit with “Indirect and Speculative” Allegations Sabol, et al. v. PayPal Holdings Inc., et al., No. 4:23-cv-05100 (N.D. Cal.). On August 23, 2024, PayPal obtained dismissal of an antitrust suit filed by consumers who had purchased items online from retailers in October 2023. The class action targets merchant agreements between PayPal and online retailers that contain anti-steering rules prohibiting the retailers from offering discounts to customers when they use another, lower-fee payment method. The plaintiffs advanced two theories of harm in their lawsuit: first, they alleged that PayPal’s anti-steering provisions create a price “floor” by preventing merchants that accept PayPal from offering discounts to customers who use a payment method with a lower fee; and second, they argued that they would have paid lower prices for goods if not for the antisteering provisions because the provisions essentially require merchants to increase prices across the board rather than applying the PayPal fees only to transactions using PayPal. The court rejected both theories, finding them too “indirect and speculative” to allow the plaintiffs to maintain standing. In response to the first theory, the court agreed with PayPal’s argument that it does not “flow” that without the anti-steering rules, merchants would have chosen to offer discounts to customers who elected not to use PayPal. The court found that in
ISSUE 6 | 19 the plaintiffs’ second theory, causation was lacking because the plaintiffs failed to “explain the significance of the allegedly passed-on transaction fees relative to the other numerous pricing factors for any goods or services plaintiffs allegedly purchased.”Nevertheless, the court granted leave to amend, and the plaintiffs recently filed an amended complaint with more detailed allegations demonstrating the effect of the anti-steering rules on e-commerce prices and adding seven more causes of action based on violations of state antitrust laws on behalf of four subclasses. On November 21, 2024, PayPal filed a motion to dismiss the amended complaint. Eighth Circuit Sends Swipe Fee Suit Back to District Court After SCOTUS Ruled It Was Not Time-Barred North Dakota Retail Association, et al. v. Board of Governors, No. 22-1639 (8th Cir.). In August, the Eighth Circuit vacated its December 2022 decision to affirm the dismissal of a swipe fee suit and remanded the case to the district court for further proceedings following a reversal from the U.S. Supreme Court. The suit, filed in April 2021, involves a challenge to the Federal Reserve debit card swipe rules. The plaintiffs argue that the regulations issued by the board of governors of the Federal Reserve allow debit card issuers to collect excessive fees for transactions at the expense of merchants. The regulations provide for a maximum interchange fee of 21¢ per debit-card transaction and an ad valorem allowance of 0.05% of the transaction. The plaintiffs claim that the debit-card transaction fees under the regulations are arbitrary and capricious, are contrary to the Administrative Procedure Act, and violate the Durbin Amendment to the Dodd–Frank Act of 2010. In August 2021, the Federal Reserve moved to dismiss the lawsuit based on the statute of limitations. Under 28 U.S.C. § 2401(a), a complaint against the United States must be “filed within six years after the right of action first accrues.”The district court found that the statute of limitations on the claim began to run with the publication of the rule in 2011, despite the fact that the plaintiff Corner Post did not exist and therefore could not yet be harmed by the regulations. The Eighth Circuit affirmed, but the Supreme Court reversed the judgment and held that Corner Post’s claims accrued at the time of the injury, not at the issuance of the regulations. Because Corner Post was first injured when it came into existence in 2018, it filed suit well within the statute of limitations in 2021. The case will now be litigated on the merits in the District of North Dakota. Delaware Settles Unclaimed Funds Dispute Delaware v. Pennsylvania, et al., No. 145 (U.S.). In August 2024, Delaware settled a dispute with other states over hundreds of millions of dollars in uncashed MoneyGram checks that Delaware kept for itself. In February 2023, the U.S. Supreme Court unanimously ruled that Delaware had no right to keep MoneyGram checks, holding that the unclaimed funds generally belonged to the states where the MoneyGram financial products were purchased and not to Delaware. In the ruling, the Supreme Court wrote that, while generally a state has the power to take possession of abandoned property if it is located within the state, a federal law known as the Disposition of Abandoned Money Orders and Traveler’s Checks Act enacted in 1974 governs and generally gives the rights to the states where the checks were bought. Under that law, money orders that go uncashed can be generally taken by the state in which they are purchased. Thirty-two states are set to receive more than $102 million from Delaware, and this settlement resolves the issue of damages that remained outstanding after the Supreme Court’s decision. Card Misclassification Suits Settle for $1.2 Billion On July 1, 2024, Discover Financial Services agreed to a $1.2 billion settlement to resolve claims related to card misclassification. In July 2023, the company announced that since 2007, it had inadvertently misclassified certain credit card accounts into the highest pricing trier, which led to merchants being overcharged when they accepted the cards for payment. Former Discover CEO Roger Hochschild said that the issue “underscored deficiencies” in the company’s corporate governance and risk management. Discover launched an internal investigation into the issue and shared the findings with regulators in July 2023. While Discover has represented that the $1.2 billion that it set aside to resolve class members’ claims should be sufficient to cover all payments under the settlement agreement, the misclassification issue will likely cause the company to incur further financial loss in other ways. Discover currently faces a putative shareholder class action, is undergoing an SEC investigation into the issue, and is engaged in discussions with regulators that could lead to enforcement actions carrying monetary penalties. The court has preliminarily approved the settlement. Supreme Court Upholds Constitutionality of Funding Mechanism for the CFPB Consumer Financial Protection Bureau, et al. v. Community Financial Services Association of America Ltd., et al., No. 22-448 (U.S.). On May 26, 2024, the Supreme Court issued a 7–2 decision holding that the CFPB funding mechanism, as set forth in Title X of the Dodd–Frank Wall Street Reform Consumer Protection Act, is constitutional. The Community Financial Services Association of America (CFSA), a nonbank consumer lender trade association, challenged certain provisions in final rules adopted by the CFPB related to consumer payment authorizations on higher interest, shortterm consumer lending products. CFSA raised a number of arguments, including claiming that the CFPB’s funding mechanism violated the Appropriations Cause. In evaluating the CFPB’s funding structure against the Constitution’s requirements, the Court found that the agency’s appropriation mechanism is constitutionally permissible because it includes an identifiable source of public money and a designated purpose. The Supreme Court held that “appropriations need only identify a source of public funds and authorize the expenditure of those funds for designated purposes to satisfy the Appropriations Clause.”
ISSUE 6 | 21 Defendant Opposes the CFPB and NY Attorney General’s Attempt to Update Complaint Consumer Financial Protection Bureau, et al. v. MoneyGram International Inc., et al., No. 1:22-cv03256 (S.D.N.Y.). Peer-to-peer payments company MoneyGram opposed the CFPB and the New York State Attorney General Office’s motion to update their complaint in a lawsuit against the company. The CFPB and the attorney general originally sued MoneyGram in April 2022, alleging that the payments company repeatedly held up funds from intended recipients and violated other long-standing regulatory requirements for remittance providers. The complaint sought remedies in the form of fines, injunctions, and refunds for affected customers. MoneyGram responded in August 2022, arguing that the court should dismiss the case or send it to the Northern District of Texas, “where the key events and management decisions were made” at the MoneyGram headquarters. The case was stayed in December 2022 due to an ongoing U.S. Supreme Court battle over the constitutionality of the CFPB’s funding. The stay was lifted in May 2024, but the New York federal court has yet to rule on MoneyGram’s motion to dismiss or transfer the case. In the interim, the plaintiffs have asked the court to grant them leave to file an amended complaint. In opposing that request, MoneyGram argues that the plaintiffs had ample time to “shore up their pleading” while the case was stayed for almost 18 months. Additionally, the company asserts that the new complaint is based on information found in MoneyGram’s terms and conditions, which have been available for a long time. Finally, MoneyGram argued that the update would be “futile” because the new allegations do not show that customers suffered additional harm or that the case should remain in the New York court instead of being transferred to the Northern District of Texas. Rather, the plaintiffs’ “lackluster attempts to plead additional New York connections in the [second amended complaint] only highlight the strong ties that this case has to its natural home in Dallas,” according to MoneyGram. The company urged the court to deny the state and federal regulators’ attempt to update their complaint, stating that the plaintiffs’ motion was nothing more than “a bad faith attempt to salvage their flawed [first amended complaint], which is prone to transfer or dismissal.” The court has not yet ruled on the regulators’ request to amend their complaint. Court Grants Bank’s Motion to Compel Arbitration for Proposed Class Action In re Axos Bank Litigation, No. 3:23-cv-02266 (S.D. Cal.). On September 13, 2024, the court overseeing a putative class action against Axos Bank held that the lawsuit must be arbitrated. The plaintiff alleges that Axos induced the putative class into opening savings accounts that Axos represented were the highest-yield savings accounts offered, but Axos thereafter created new savings accounts with higher interest rates for new customers without informing the putative class. Axos moved the court to compel arbitration of the plaintiff’s claims based on the plaintiff’s personal deposit account agreement with Axos and Axos’s online access agreement. In ruling on the motion to compel arbitration, the court first held that there was a valid agreement to arbitrate in the online access agreement because Axos sufficiently authenticated the plaintiff’s electronic signature to the agreement and because the plaintiff meaningfully assented to the terms by accepting the“scrollwrap”agreement. From there, the court held that the arbitration agreement delegated threshold questions of arbitrability of the plaintiff’s claims to the arbitrator and ordered the case to arbitration. CFPB Wins Summary Judgment on Challenge to Small Business Data Collection Rule Texas Bankers Association, et al. v. Consumer Financial Protection Bureau, No. 7:23-cv-00144 (S.D. Tex.). On August 26, 2024, a Texas federal judge granted summary judgment to the CFPB in a lawsuit filed by trade groups over the CFPB’s Section 1071 data collection rule. The rule requires banks and nonbanks to share granular data with the CFPB about their small-business lending, including application-level details about borrower demographics, approval decisions, and loan pricing. The CFPB then expects to compile and publish the data, which Congress intended to aid in fair lending enforcement and community development. This holding follows the Supreme Court overruling the 1984 landmark Chevron v. Natural Resources Defense Council decision, which gave rise to the Chevron doctrine. In this major ruling, the Supreme Court sharply cut back the power of federal agencies to interpret the laws they administer and ruled that courts should rely on their own interpretation of ambiguous laws. The trade groups, which are led by the American Bankers Association, argued at summary judgment that the CFPB violated the Administrative Procedure Act in issuing this rule because (1) the rule exceeded the CFPB’s statutory authority and was short of statutory right; and (2) the final rule was arbitrary and capricious for failing to consider and respond to significant comments raised by interested parties and failing to undertake a proper cost/benefit analysis. In disagreeing with the trade groups, the court held that the CFPB had satisfied its obligations to “examine the relevant data and articulate a satisfactory explanation for its action including a rational connection between the facts found and the choice made.”The court concluded that the administrative record is voluminous and its breakdown of the CFPB’s decision-making is comprehensive. On October 23, 2024, the trade groups appealed this ruling to the Fifth Circuit. California Federal Court Dismisses Proposed Class Action Challenging Cryptocurrency Listing Pearl v. Coinbase Global, No. 3:22-cv-03561 (N.D. Cal.). On July 15, 2024, a federal court in California dismissed a proposed class action complaint brought against Coinbase by one of its customers relating to the company’s listing of the stablecoin UST. The plaintiff alleged that Coinbase misrepresented the risks associated with UST by identifying it as a “stablecoin” and failing to disclose certain important details.
RkJQdWJsaXNoZXIy Njk5MDg5