Out of Time, Not Out of Luck: Supreme Court holds POCs for Time-Barred Debt are OK under FDCPA

Out of Time, Not Out of Luck: Supreme Court holds POCs for Time-Barred Debt are OK under FDCPAIn a win for debt buyers and servicers, the Supreme Court held in Midland Funding, LLC. v. Johnson  that the filing of a proof of claim in a bankruptcy case for obviously time-barred debt is not false, deceptive, misleading, unfair, or unconscionable within the meaning of the Fair Debt Collections Practices Act (FDCPA).

The Decision

The Court’s decision rested on two findings: first, that stale debt is a claim under the Bankruptcy Code, and second, that debtors in bankruptcy have more protections than debtors facing collections lawsuits.

  • A claim is a claim. In bankruptcy, a claim is a right to payment. If the proof of claim is filed for a right to payment, it’s not false, deceptive or misleading. The creditor may not be able to sue on that debt, but as long as they have the right to payment, they have a claim. Alabama state law, which applied to this debt, provides for a right to payment even after the statute of limitations has expired. The plaintiff may still be able to claim staleness as an affirmative defense, and the creditor should be clear on the face of the proof of claim form about the age of the debt, but the debt is still a “claim.”
  • Bankruptcy protects the debtor. A lawsuit seeking payment of a time-barred debt may be unfair or unconscionable. The filing of a proof of claim for such debt is not. A Chapter 13 debtor has several protections, including a streamlined claims allowance process with a knowledgeable trustee at the helm. Additionally, when a claim is filed and adjudicated, that debt is discharged.

What Now? Things to Watch For

The Court’s decision seems broad at first blush, and servicers and holders of time-barred debt may be rushing to file their proofs of claim. But there are still some concerns:

  • Be aware of the facts. The Court’s holding should be read only to apply to proofs of claim where the staleness is “obvious.” Indeed, several times the Court specifically referenced “obviously time-barred debt.” Creditors filing proofs of claim for stale debt should provide sufficient information showing that the statute of limitations has passed. Not providing that information may lead to an FDCPA suit not precluded by this decision.
  • Be aware of state law. Whether the proof of claim violates the FDCPA may hinge on state law. In the majority of states, including Alabama, the right to payment survives the statute of limitations, though the enforceability does not. In some states, including Mississippi and Wisconsin, the right to payment is extinguished when the debt becomes time-barred. While the Court did not expressly hold that proofs of claim for debt governed by such state law would violate the FDCPA, creditors should take appropriate care.
  • Be aware of local precedent. At the end of its decision, the Court recognized that at least one bankruptcy court has found the filing of a time-barred claim sanctionable where the creditor did not investigate the possibility of an affirmative defense before filing (see In re Sekema). Creditors should be wary of filing such claims in this jurisdiction and any others that have held similarly.

The decision is certainly good news for the debt-buying industry. Buyers and servicers of stale debt should breathe a sigh of relief, but should take care not to step on the land mines the Court outlined for them.

Recent Cases Highlight Latest Potential Foreclosure Evidentiary Pitfall

Final Notice PapersOver the last few years, financial institutions have been forced to modify their policies and procedures to ensure that they are able to demonstrate compliance with notice provisions contained in residential mortgages prior to initiating foreclosure actions. Several recent decisions have addressed the issue of whether sufficient evidence was presented to establish that the creditor had satisfied the condition precedent under the mortgage requiring that the creditor provide the borrower with a written notice of acceleration. These recent decisions make it clear that financial institutions must formulate policies and procedures to ensure that they are able to present suitable evidence of compliance with the standard notice provisions of residential mortgages.

In Allen v. Wilmington Trust, N.A., the Florida Court of Appeals recently addressed the issue of whether a creditor had presented evidence sufficient to establish compliance with a provision in a residential mortgage that required the creditor to give written notice of acceleration. During the trial, the creditor presented the testimony of a case manager employed by the current loan servicer regarding the boarding process the servicer used to verify the records of the prior servicer in order to establish that notice of acceleration was mailed. At the close of the evidence, the trial court rejected the borrower’s argument that the creditor had failed to establish that it met the condition precedent of giving notice of acceleration and concluded that the case manager’s testimony was sufficient to establish that the acceleration letter was mailed.

The Second District Court of Appeals reversed, finding that the servicer did not offer proof that the letter had in fact been mailed. The appellate court held that a creditor must present additional evidence to establish that the notice was actually mailed, such as proof of regular business practices by a person with personal knowledge of such practices, an affidavit swearing that the letter was mailed, or a return receipt. The case manager, who was never employed by the predecessor servicer, admitted that she was not familiar with its predecessor’s mailing practices. Thus, the appellate court held that because neither the boarded documents nor the case manager’s testimony established mailing, the creditor did not meet its burden of proving it satisfied the condition precedent of giving notice of acceleration and remanded for dismissal.

Similarly, in Edmonds v. U.S. Bank N.A., among the documents introduced at trial were several acceleration letters identifying the prior servicer as the entity giving such notice. A default specialist for the successor servicer testified that he knew the letters had been mailed because they were addressed to the borrowers at the property address, adding that it “is the business practice to send letters on loans that are delinquent and these letters are sent every month.”  Significantly, the default specialist, who had never been employed by the prior servicer, conceded that he had no knowledge of the prior servicer’s mailing practices. At the conclusion of the creditor’s case, the trial court rejected the borrower’s argument that the creditor had failed to establish that that the acceleration letters had in fact been mailed and entered a final judgment of foreclosure. On appeal, the court reversed the judgment after finding that the creditor had failed to show that the acceleration letters were mailed in accordance with the terms of the mortgage.

In another recent case, JPMorgan Chase Bank N.A. v. Jean Pierre, the creditor sought to introduce the acceleration letter sent to the borrowers by its predecessor. At trial, the plaintiff produced a witness that was a case manager for the loan servicer who “was extensively trained” as to both the original lender and the creditor’s record-keeping policies and procedures. The case manager testified that it was the regular business practice of the original lender to have its collections department create an acceleration letter, print and mail out the letter to the borrower, and then upload the letter into its imaging system. She also testified that the loan servicer’s boarding department verified the acceleration letter’s accuracy and that it was actually mailed by checking with the prior servicer and/or cross-referencing the collection and servicing notes. After the trial court excluded the acceleration letter based on the borrowers’ hearsay objection and entered judgment in favor of the borrowers, the Fourth District Court of Appeals found that the trial court erroneously excluded the notice of acceleration. Citing another recent decision, the appellate court determined that the notice of acceleration should have been admitted, because the witness was “well enough acquainted with the activity to provide testimony.” Significantly, the appellate court highlighted the witness’ familiarity with how the original lender and servicer created, delivered, and stored default letters within its normal course of business. Additionally, she made clear that the current servicer’s boarding department verified the default letter’s accuracy and that it was actually mailed by checking with the prior servicer and/or cross-referencing the collection and servicing notes. In doing so, the appellate court appears to have provided creditors with a roadmap for the type of evidence that will be necessary to satisfy a condition precedent under the mortgage requiring that the creditor provide the borrower with a written notice of acceleration prior to the initiation of a foreclosure action.

These recent decisions highlight the need for successor creditors and servicers to review their policies and procedures related to boarding service transferred loans and focus on taking the steps necessary to avoid evidentiary issues related to proving that required notice was actually mailed by the prior servicer. Because direct evidence of mailing, such as a return receipt, mailing log, or affidavit of mailing, is not always available, successor creditors and servicers must ensure that they have a witness who is familiar with and has personal knowledge of their predecessor servicer’s customs and practices related to mailing required notices. To be sure, creditors that fail to consider these future evidentiary issues in formulating their policies and procedures do so at the risk of significant litigation and regulatory costs.

New Bankruptcy Rules to Take Effect December 1, 2017

Gavel on bankruptcy Law booksAfter several years of drafting, debate, compromise and fine tuning, it appears that major changes to the administration of consumer bankruptcy cases are imminent. On April 27, 2017, Chief Justice John Roberts submitted to Congress amendments to the Federal Rules of Bankruptcy Procedure that will have a profound impact on consumer bankruptcy cases. The most noteworthy changes are: 1) the required use of a Model Chapter 13 Plan (Official Form 113), subject to a district “opt-out” under certain conditions; 2) the explicit requirement that secured creditors file a proof of claim, qualified by the express recognition that a lien is not void due only to the failure to file such a claim; 3) the establishment of a proof of claim bar date tied to the bankruptcy filing date; 4) the establishment of certain deadlines related to plan confirmation; and 5) the express recognition of certain mechanisms for determining the amount of secured and priority claims.

  • Model Chapter 13 Plan – Amended Rule 3015 provides that if there is an official form for a plan filed in a Chapter 13 case, that form must be used unless a local form has been adopted in compliance with Rule 3015.1. Amended Rule 3015 further provides that nonstandard provisions are effective only if included in the appropriate designated section of the form. Rule 3015.1 allows districts to adopt a local form for a plan filed in a Chapter 13 case, subject to a number of restrictions that ensure the district’s retention of the key content of the official form. Amended Rule 3015 and Rule 3015.1 should streamline the plan review process for creditors, who now will be able to more easily locate the debtor’s proposed treatment of their claims and any nonstandard provisions within the plan.
  • Proof of Claim Requirement and Timeline – Amended Rule 3002(a) clarifies that secured creditors must file a proof of claim for the claim to be allowed, provided that a lien that secured a claim against the debtor is not void due only to the failure of any entity to file a proof of claim. Amended Rule 3002(c) provides that in voluntary cases under Chapter 7, 12, or 13, a proof of claim is timely filed if it is filed not later than 70 days after the bankruptcy filing date. Under Amended Rule 3002(c)(7), a proof of claim filed by the holder of a claim that is secured by a security interest in the debtor’s principal residence is timely filed if:
    • the proof of claim (Official Form 410), together with the proof of claim attachment (Official Form 401A) and escrow analysis (if applicable) required under Rule 3001(c)(2)((C), is filed not later than 70 days after the bankruptcy filing date; and
    • any attachments required by Rule 3001(c)(1) and (d) – such as the note (with any endorsement or allonge), mortgage or deed of trust, and relevant assignments or supporting documents – are filed as a supplement to the holder’s claim not later than 120 days after the bankruptcy filing date.

These amendments tighten the proof of claim deadline for creditors, but also should provide both more certainty on a case-by-case basis with respect to the bar date. In contrast, the current rule provides a deadline tied to the first date set for the meeting of creditors, which may vary by case or district. Moreover, the amendments permit creditors to submit the proof of claim and attachments related to the claim amount within 70 days, while providing creditors with an additional 50 days to collect the related loan documents to be filed as a supplement.

  • Plan Objection and Confirmation Hearing Deadlines – Amended Rule 2002(a) provides that the clerk, or some other person as the clerk may direct, shall give at least 21 days’ notice by mail of the deadline to object to confirmation of a Chapter 13 plan. Amended Rule 2002(b) provides that the clerk, or some other person as the clerk may direct, shall give at least 28 days’ notice by mail of the hearing on confirmation of a Chapter 13 plan. Amended Rule 3015(f) also provides that an objection to confirmation of a plan shall be filed and served at least seven days before the date set for the hearing on confirmation, unless the court orders otherwise. These rules provide a degree of uniformity and predictability across districts with respect to the timing of key events in the confirmation process.
  • Determining the Amount of Secured and Priority Claims – Amended Rule 3012 expressly sets forth various mechanisms by which courts may determine the amounts of secured claims, namely a motion, claim objection, or a Chapter 12 or 13 plan. Courts may determine the amount of priority claims by motion (after a claim is filed) or claim objection. Notably, Amended Rule 3015(g) provides that any determination made in the plan made under Rule 3012 about the amount of a secured claim is binding on the holder of the claim, even if the holder files a contrary proof of claim or the debtor schedules that claim, and regardless of whether an objection to the claim has been filed. This provision underscores the need for creditors to carefully review the debtor’s plan to determine whether an objection is necessary.

The foregoing amendments, while burdensome in some respects, should aid creditors in their efforts to formulate more streamlined procedures related to consumer bankruptcy cases. Uniform proof of claim deadlines, coupled with consistent plan content and notice and objection deadlines across districts, should foster a level of predictability and allow creditors to more efficiently process consumer bankruptcy cases. The tightened proof of claim deadline, while likely presenting an initial challenge to creditors with regard to the financial information needed to populate the proof of claim form and attachment, provides flexibility with respect to the gathering of supporting loan documents.

The Bank Next Door: Part I – Using Social Media to “Friend” Customers

[This post is the first in a series of post which will examine the risks, rewards, innovative uses, and changing legal landscape of social media use by financial services institutions. Future blog posts will examine topics such as: monitoring and managing consumer complaints through social media, disgruntled employee use of social media, and control over content and message. These forthcoming postswill address the risks associated with these issues and provide practical solutions for mitigating those risks.]

All social networks connected together

Many of us use social media to connect with friends and family far and wide. Social media allows us to build on those personal relationships by sharing pictures and stories— including those self-promoting posts about our great vacation instead of the tantrum our 3-year-old is having. This dual connectivity and image branding has caught the eye of many companies, including innovative financial institutions which are creating new “fun” reputations by interacting with prospective and current customers through social media.

A recent American Bankers Association research study entitled “The State of Social Media in Banking” (ABA Social Media Study) highlights how banks are creating personable images and building their social capital. For example, Central National Bank in Waco, Texas, has created several YouTube video parodies, including one on why banks close for Columbus Day, which received over 4,000 views. Another bank, First Bank Financial Centre in Oconomowoc, Wisconsin, posts a picture of a bobblehead figure of the bank’s CEO somewhere in the world and encourages Facebook users to guess the location. The ABA Social Media Study examined how banks are taking advantage of social media by collecting survey data from nearly 800 banks of all sizes (from those less than $250 million to those over $10 billion). Of those surveyed, almost 75 percent of banks said they were somewhat or very active on social media. According to the data, this is a recent trend, with approximately 30 percent of banks surveyed indicating that they have been using social media for less than two years, while another 33 percent have been using social media for less than four years. Another 14 percent indicated that they do not currently use social media, but many of those plan to begin using social media in the next one to two years.

The creative use of social media allows financial institutions to create a personal connection with their customers. Put succinctly, the ABA Social Media Study stated, “Social media tweets and feeds are helping to transform bank personas from anonymous institutions into friendly and approachable members of the community.”

The ABA Social Media Study serves as evidence that social media utilization by financial institutions is only going to increase in the future and cannot be ignored as a means to promote an institution’s brand and grow business. As more financial institutions become active participants in all types of social media, including Facebook, YouTube, Twitter, LinkedIn and Instagram, careful consideration must be made about the institution’s goals, risk appetite, governance, and regulatory concerns, as well as consideration of practical issues about who posts and what is posted. There are, no doubt, many advantages to utilizing social media including: community engagement, deepening customer relationships, attracting new customers, customer service, recruiting and advertising. While each of these advantages comes with potential risks, those risks can be minimized by developing robust policies and procedures, oversight and governance, and conducting legal analysis prior to becoming active on social media. Once active, an institution must continue to provide oversight and governance; continually update policies and procedures; keep abreast of regulatory requirements and guidance, including new state and federal laws and legal precedent; and ensure feedback loops based on customer complaints or issues that may arise.

A starting point is the Federal Financial Institutions Examination Council’s (FFIEC) guidance titled “Social Media: Consumer Compliance Proposed Guidance” (FFIEC Guidance) which addresses the applicability of existing federal consumer protection and compliance laws, regulations, and policies for social media use by banks and non-bank entities alike. The FFIEC Guidance states that a financial institution should include the following components in a social media risk management program:

  • A governance structure with clear roles and responsibilities whereby the board of directors or senior management direct how using social media contributes to the strategic goals of the institution (for example, through increasing brand awareness, product advertising, or researching new customer bases) and establish controls and ongoing assessment of risk in social media activities;
  • Policies and procedures (either stand-alone or incorporated into other policies and procedures) regarding the use and monitoring of social media and compliance with all applicable consumer protection laws and regulations, and incorporation of guidance as appropriate. Further, policies and procedures should incorporate methodologies to address risks from online postings, edits, replies, and retention;
  • A risk management process for selecting and managing third-party relationships in connection with social media;
  • An employee training program that incorporates the institution’s policies and procedures for official, work-related use of social media, and potentially for other uses of social media, including defining impermissible activities;
  • An oversight process for monitoring information posted to proprietary social media sites administered by the financial institution or a contracted third party;
  • Audit and compliance functions to ensure ongoing compliance with internal policies and all applicable laws and regulations, and incorporation of guidance as appropriate; and
  • Parameters for providing appropriate reporting to the financial institution’s board of directors or senior management that enable periodic evaluation of the effectiveness of the social media program and whether the program is achieving its stated objectives.

In addition to the above guidance, financial institutions must consider how social media interacts with deposit and lending products, advertising plans, payment systems, BSA/AML requirements, complaint procedures, employment policies, the Community Reinvestment Act, data privacy and breach notification laws. Similarly, cybersecurity policies should be reviewed to ensure that social media interactions do not subject the institution to cyber hacks or social engineering schemes. Once those policies and controls are in place, the financial institution must ensure that all employees are properly trained. It is imperative that the company work as a whole, with IT, compliance, HR, legal, and business units working seamlessly to ensure that the risks of using social media are minimized while the advantages are maximized.

CFPB’s Fair Lending Report Indicates Increased Focus for 2017 on Servicing and Small Business Lending

Small Business OwnerFor many of us, the mention of fair lending enforcement immediately brings us to the origination side of the industry, specifically conjuring thoughts of redlining and Home Mortgage Disclosure Act (HMDA) data. While these topics will always remain a significant focus of regulatory effort in the fair lending space, the recently released Fair Lending Report of the Consumer Financial Protection Bureau makes clear that fair lending supervision and enforcement is not limited to redlining and HMDA data, and, in fact, is not limited to origination activities. In this report, the Consumer Financial Protection Bureau (CFPB) explicitly highlights its intent to increase focus in the servicing space, both for mortgages and student loans, in an effort to determine whether delinquent borrowers may have more difficulty working out loss mitigation solutions because of their race or ethnicity.

Last week, the CFPB issued its fifth annual Fair Lending Report, which discusses the CFPB’s 2016 supervisory and enforcement activity, rulemaking, and interagency coordination with regard to fair lending. More important to the consumer finance industry looking forward, the report also previews the CFPB’s fair lending priorities for 2017. The report specifically identifies three areas where the CFPB intends to focus its efforts in the coming year: (1) redlining, (2) mortgage and student loan servicing, and (3) small business lending. While redlining in mortgage lending has been a past area of focus, the emphasis on mortgage and student loan servicing and small business lending represents a shift in the CFPB’s efforts. With the announcement of its new priorities, it appears the CFPB has moved away from its 2016 emphasis on indirect auto lending and credit cards, which, along with mortgage lending, provided the basis for the CFPB’s eight referrals to the Department of Justice in 2016 wherein the CFPB cited a pattern or practice of discrimination in violation of the Equal Credit Opportunity Act. According to the report, the CFPB utilized risk-based prioritization to identify its areas of focus for 2017, naming redlining, mortgage and student loan servicing, and small business lending as areas where it saw significant or emerging fair lending risk to consumers.

While the CFPB does not appear to be pulling away from the customary fair lending focus on mortgage origination, last week’s report signals to the industry that the CFPB’s focus will continue to expand to encompass products and activities outside of the traditional space, including servicing activities.

How’d You Score That? CFPB Fines Experian Because of Misleading Credit Score Marketing

Credit Score MeterWhether it’s a football game, a standardized test, or a person’s credit, scores matter. In the case of consumer credit scores, the difference between falling in the high and low ends of the score spectrum impacts the financial lives of individuals. Understandably, many seek out their credit scores so that they know where they fall along that spectrum. Well-known credit reporting agency Experian marketed a service that provided just that: consumer access to credit scores used by lenders in making their credit decisions. According to a March 23, 2017, consent order (which also outlined a separate Experian violation) announced by the Consumer Finance Protection Bureau (CFPB), however, the scores provided by Experian were not what Experian represented them to be.

From 2012 to 2014, Experian marketed access to credit scores by, according to one representative advertisement, inviting consumers to “see the same type of information lenders see when assessing your credit.” Once individuals accepted the invitation, though, they did not see the actual score that lenders used. Instead, Experian provided them a different “educational” score. In actuality, lenders rarely used the educational score when making credit decisions. As a result, the CFPB found that Experian used misleading and deceptive practices in marketing access to the credit scores, in violation of the Consumer Financial Protection Act.

Importantly, the CFPB found a violation despite the fact that (1) Experian did not explicitly state that the scores it offered were the same ones used by lenders, and (2) Experian included a disclosure that the score it provided was “for educational purposes and is not the same score used by lenders.” According to the CFPB, in many instances, the disclosure was not appropriately conspicuous or close to the representations.

In light of the consent order, others in the marketplace offering access to credit scores should review the representations they are making when advertising their products. At least in the eyes of the CFPB, educational scores are not the same as those scores used by lenders, and it would be unwise to equate the two in marketing materials. A misleading representation about a product’s significance may still be misleading even if accompanied by a disclosure, especially those that are inconspicuous. The CFPB’s action makes clear that, in any event, it will continue to keep score of how access to credit scores is marketed.

Securities Legislative Update – Elderly Investors 2017

elderly coupleThe SEC recently approved FINRA’s proposed rule aimed at preventing fraud and abuse of senior investors. On March 30, FINRA issued Regulatory Notice 17-11, setting the effective date for the new rule as February 5, 2018. The notice provides for the adoption of new FINRA Rule 2165, which will permit members to place temporary holds on disbursements of funds or securities from the accounts of specified customers where there is a reasonable belief of financial exploitation of these customers. It also provides for amendments to FINRA Rule 4512, requiring members to make reasonable efforts to obtain the name of and contact information for a trusted contact person for a customer’s account. FINRA proposed the new rule in response to concerns over abuse of the rapidly growing number of aging baby boomers.

In addition, several states have also recently adopted or proposed legislation aimed at protecting elderly or vulnerable persons’ investment interests. On March 27, Mississippi’s governor approved an amendment to the Mississippi Securities Act, which provides additional post-registration requirements for certain broker-dealers and investment advisers relating to “vulnerable persons.” The Mississippi Vulnerable Persons Act defines vulnerable persons as a person whose ability to perform the normal activities of daily living is impaired due to a mental, emotional, physical or developmental disability or dysfunction, or brain damage or the infirmities of aging. Investment advisers and broker-dealers are required to notify the Department of Human Services if they know or suspect a vulnerable person has been or is being abused, neglected, or exploited. The amendment further requires them to notify the Secretary of State’s Office and will allow them to notify a third party or delay disbursements if they reasonably believe financial exploitation has been attempted or has occurred. The amendment, along with its immunity provisions, aims to encourage firms to report potential financial exploitation as early as possible.

A proposed amendment to the Tennessee Securities Act increases penalties for violations wherein senior citizens and adults with certain mental or physical dysfunctions are victims, among other changes.  The amendment requires certain individuals to notify the commissioner if they reasonably believe that financial exploitation of a “designated adult” has been attempted. It also allows a broker-dealer or investment adviser to delay a disbursement from a designated adult’s account in the case of suspected financial exploitation. The Act defines a designated adult to include persons 65 years of age or older. TN HB0304, setting forth these amendments, was introduced on January 31, 2017, and has been placed on the Insurance and Banking Committee calendar for consideration on April 4, 2017. TN SB1192, also setting forth these amendments, was introduced on February 9, 2017, and has also been placed on the Senate Finance, Ways and Means Committee calendar for consideration on April 4.

Proposed amendments to the Texas Securities Act are also aimed at protecting vulnerable adults and elderly persons from financial exploitation and abuse. The amendments require certain persons to notify the broker-dealer or investment advisor of any suspected financial exploitation of vulnerable adults or elderly persons, who is then required to investigate the suspected exploitation. They also require the dealer or advisor to adopt certain internal policies to facilitate the notification process and outline requirements for transaction holds involving an account of a vulnerable adult. TX HB3921, setting forth vulnerable adult amendments, was introduced on March 10, 2017. TX SB2067, also setting forth vulnerable adult amendments, was introduced on March 10, 2017, and was referred to the Senate Business and Commerce Committee on March 28, 2017, where it remains pending. TX HB3224, setting forth elderly persons amendments, was introduced on March 7, 2017. TX HB3972 also sets forth elderly persons amendments and was introduced on March 10, 2017.

Given the recently proposed FINRA rule, other states are likely to follow by enacting additional legislation aimed at preventing the exploitation of elderly and vulnerable investors.

Bank Acting as Fiduciary Seeks Reversal of “Unprecedented” Tort Liability

Funeral ServicesIn Jo Ann Howard & Associates, et al. v. National City Bank; PNC Bank, N.A., now pending before the United States Court of Appeals for the Eighth Circuit, a Missouri bank entered into a contractual and statutorily authorized role as trust administrator of “pre-need” funeral services accounts. The accounts were funded by a company called National Prearranged Services (NPS) from its sales of “pre-need” contracts to individuals who could thereby purchase future funeral services at current fixed pricing. While the factual background is convoluted, the bank apparently facilitated distribution of the trust funds upon the instructions of NPS, the trust beneficiary, and these funds subsequently were misappropriated by NPS. Claims against the bank for negligence and breach of fiduciary duty were presented to the jury, resulting in a $390 million adverse verdict that included punitive damages. The $350 million in compensatory damages, according to briefs filed in the case, had little or no relation to the amount of trust funds actually lost.

PNC Bank as successor to the Missouri bank and the American Bankers Association as amicus are pleading for the appellate court to recognize a distinct line between trust liability and tort liability. PNC and the ABA assert that fiduciaries should be assessed only under the law of equity, whereas the lower court permitted both equitable and legal claims to go to the jury. Appellants argue that a corporate trustee’s duties and responsibilities are governed by the trust agreement itself and by common and statutory trust law. If the lower court’s judgment is not overturned, according to the ABA, then there will be a severe impact on the ability and willingness of banks and trust companies to offer corporate trustee services.

Generally speaking, a corporate trustee is charged with taking appropriate measures to protect trust assets. The trustee’s violation of this charge, whether characterized as negligence or other tortious conduct, should result in liability that corresponds to the consequential detriment to the trust assets. If the PNC ruling is allowed to stand, corporate fiduciaries will likely need to review whether more risk-expansive tort law principles – foreseeability, duty, causation – might be applied to their role as trustee.

One might wonder whether any pronouncements from the Eighth Circuit will parallel the recent trend, now delayed, toward establishing fiduciary rules in the securities industry. We anticipate, however, the appellate court will be constrained by the unique circumstances presented in this case, including the Missouri statutory scheme supporting these “pre-need” funeral service trust accounts. The Eighth Circuit heard oral argument on September 20, 2016, so a decision could be forthcoming soon.

States Oppose OCC’s proposed Fintech Charter

interest ratesAs part of its push to promote innovation in the financial services industry, the Office of the Comptroller of the Currency (“OCC”) plans to allow financial technology (“fintech”) companies to become special purpose national banks. If the proposal is successful, fintech companies could secure a charter providing them with preemptive effects of federal law over the patchwork of state laws under which fintech companies now operate. For example, online lenders could export their home state interest rates to avoid state-specific usury caps while money transmitters would no longer need a separate state licenses. In exchange for this federal cloak, fintech companies would voluntarily subject themselves to the similar OCC supervision as national banks, including consumer protection laws and BSA/AML requirements.

A fintech charter has the potential of facilitating innovative companies. But the states are not likely to cede their regulatory territory easily. State attorneys general, state regulators and the Conference of State Bank Examiners all oppose OCC’s move as an attack on federalism and state regulatory oversight. Those groups fear that the preemptive effect of a federal charter will nullify their ability to protect consumers. Most notably, New York Department of Financial Services Superintendent Maria Vullo has publically stated that she strongly opposed the proposal. Other commentators have suggested that the charter would impart a competitive advantage on large companies that can afford the costly OCC application process to the detriment of small start-ups.

Because of their opposition, the states are likely to mount legal challenges to any final rule. For instance, there is a significant open question about whether OCC’s enabling statute, dating back to 1863, even conveys authority to grant such charters. States might also argue that the charter represents a violation of state sovereignty. Absent a distinct shift in Supreme Court precedent, however, this position seems dubious because such companies are almost always engaged in interstate commerce and because the benefits of state regulation are easily outweighed by the access created by a unified federal system. On the policy side, states could argue that the charter has the potential of eventually bringing almost all non-bank financial activity within the OCC’s ambit, thereby stifling competition and innovation and creating regulatory capture.

Legal and public policy challenges may not be the most effective tool available to states. If the OCC overreaches on the scope of this optional regulatory burden, the states could seize the opportunity to create and adopt a competing uniform code to create a consistent, more favorable alternative to federal law. To compete against the threat of a state-based alternative, the OCC could take steps to sweeten the deal such as helping to ensure that charter holders are granted access to the Federal Reserve System.

The OCC fintech charter holds a great deal of promise. But to reach its full potential, OCC will need to do something familiar to the states—compete.

New York Sets Its Sights on Cybersecurity Weaknesses at Financial Institutions

CybersecurityThe New York State Department of Financial Services’ (NYDFS) cybersecurity regulations went into effect March 1, 2017, and the first of the staggered implementation deadlines is quickly approaching on August 28, 2017. Touted by the NYDFS as the “first in the nation” comprehensive cybersecurity regulation, the new rules pose significant compliance challenges for those covered entities that are subject to the regulation. The covered entities include any business operating under New York’s banking, insurance, or financial services laws. Covered entities should expect compliance with these regulations to elevate the importance of cybersecurity within their businesses, both for activities within and outside of New York. Even financial institutions that do not operate in New York should pay close attention, as the NYDFS’s regulations are likely to serve as a model for other states aiming to ensure increased cybersecurity for consumers.

An overarching theme in the new regulations is the NYDFS’s intent to make cybersecurity a priority for a covered entity’s senior management. The regulations assume that senior management will be intimately involved with the company’s cybersecurity protocols. For example, the regulations require a senior officer or the board of directors to approve written cybersecurity policies and procedures and to certify annually to the NYDFS that the organization is in compliance with the department’s regulations. A senior officer qualified to make these decisions must be a “senior individual” at the company who is “responsible for the management, operations, security, information systems, compliance and/or risk of a Covered Entity.” Each covered entity is also required to appoint a Chief Information Security Officer (CISO) who must report directly to the entity’s board of directors regarding its cybersecurity program and any material cybersecurity risks. Based on these provisions, covered entities should expect the NYDFS to seek to hold senior management responsible for cybersecurity failures.

As a direct result of the increased emphasis on management responsibility for cybersecurity, the CISO is likely to become a more important figure within covered entities. The regulations require each covered entity to appoint a CISO who not only has authority to oversee and implement the business’s cybersecurity program but also the authority to enforce the company’s cybersecurity policies. Practically speaking, these requirements will likely lead to a significant change in the way CISOs are viewed within an organization. Given the emphasis the regulations place on holding upper management responsible for a business’s cybersecurity program, it is imperative that the CISO is a person the business trusts to make discretionary decisions about cybersecurity policy and to be thorough and straightforward in reporting cybersecurity issues to upper management. It is also important that the business provide the CISO with the funding necessary for cybersecurity policies to be effectively implemented and enforced. Simply having a cybersecurity policy in place will not be enough to satisfy the regulations.

In designing a strategy for implementing the changes that the new regulations necessitate, covered entities should keep in mind that the NYDFS’s intent is not only to protect the business’s information systems but “to promote the protection of customer information.” The NYDFS expects a compliant cybersecurity program to protect not only the business itself but also the customers of a covered entity. Therefore, when completing risk assessments of its cybersecurity programs and designing policies and procedures, businesses must consider the risks that its policies and operating procedures pose to consumers. It is easy to see how regulatory authorities outside of New York may extend this focus on protecting consumers to hold entities responsible for cybersecurity failures when their policies and risk assessments do not include an express focus on consumer protection.

In sum, expect the new regulations to lead to:

  • Increased scrutiny into senior management’s involvement with your organization’s cybersecurity program;
  • Elevation of the CISO to a more senior and central role in your organization; and
  • Increased scrutiny from other regulating authorities into whether your organization’s cybersecurity plan and risk management assessments consider risks to the consumer.

The NYDFS’s new regulations will necessitate broad changes for covered entities that reach well beyond a business’s New York operations. Though the regulations do not identify specific penalties for noncompliance, covered entities should expect the NYDFS to approach enforcement with the same gusto it has displayed in enforcing similar regulations.