Compliance Blog

Jul 20, 2022

The Bureau Has Been Busy - A CFPB Roundup

In addition to publishing some recent advisory opinions, the Consumer Financial Protection Bureau (CFBP) has been busy cooking up some enforcement actions (EA).  Here are two notable EAs that have come out recently.

So I guess you could say I'm very busy these days

Bank of America Consent Order

On July 14, 2022, the CFPB announced a consent order with Bank of America (B of A) for UDAAP and Regulation E violations.  Bank of America had contracted to provide state-issued unemployment benefits to benefit recipients via prepaid cards. Regulation E requires prepaid government benefit cards to follow the error resolution process under section 1005.11.  However, during the unemployment benefit surge brought on by the pandemic, Bank of America failed to conduct “reasonable investigations” as required by Reg E, and instead tried to weed out fraud by setting up a “a fraud filter with a simple set of flags that automatically triggered an account freeze” when fraud was suspected. The bureau alleged that this resulted in “thousands of legitimate cardholders” have their accounts frozen due to false-positives in the fraud filter, which meant those cardholders could not access their unemployment benefits. The bureau also alleged that B of A made it difficult for cardholders to unfreeze their prepaid cards or report fraudulent use of their cards, and also referred consumers to the California state unemployment department, which the CFPB says B of A knew was overwhelmed.

The violations, as outlined in the consent order, include:

  1. B of A engaged in unfair acts or practices by determining no error had occurred and freezing cardholder accounts based solely on the results of its automated Fraud Filter;
  2. B of A failed to conduct reasonable investigations of unemployment insurance benefit prepaid debit cardholders’ notices of error;
  3. B of A engaged in abusive acts or practices by retroactively apply its automated Fraud Filter to reverse permanent credits for unemployment insurance benefit prepaid debit cardholders whose notices of error it had previously investigated and paid;
  4. B of A engaged in unfair acts or practices by impeding unemployment insurance benefit prepaid debit cardholders’ efforts to file notice of error and seek liability protection from unauthorized EFTs; and
  5. B of A failed to timely investigate and resolve unemployment insurance benefit prepaid debit cardholders’ notices of error concerning alleged unauthorized EFTs.

The CFPB imposed a $100 million fine on the B of A (in addition to a $125 million fine imposed by the OCC, for a total of $225 million), and is also asking B of A to provide redress to consumers who had their accounts frozen due to the faulty fraud filter.

ACE Cash Express Lawsuit

On July 12, 2022, the Bureau announced a lawsuit against repeat offender ACE Cash Express (ACE) for UDAAP violations, alleging that the payday lender concealed free repayment plans from struggling borrowers, causing them to pay hundreds or thousands of dollars in reborrowing fees when they were eligible for free repayment plans.  The CFPB alleges that “these practices generated at least $240 million in fees for ACE, while keeping borrowers in debt.”  Additionally, the complaint alleges that the lender was dishonest about the number of times it would attempt to debit borrowers bank accounts for repayment of loans.

The allegations in the new complaint include:

  1. ACE deceptively concealed a free repayment plan option when consumers expressed an inability to repay their current loans;
  2. ACE used unfair means to funnel consumers into costly repayment plans when free repayment plans were available;
  3. ACE engaged in abusive acts or practices by materially interfering with consumers’ ability to understand a term or condition of their loans, namely that they had a contractual right to a free repayment plan;
  4. ACE abusively took unreasonable advantage of consumers’ lack of understanding of the cost or conditions of available repayment options;
  5. ACE engaged in unfair practices when it withdrew funds from consumers’ bank accounts without authorization;

The bureau is seeking monetary relief for harmed consumers, disgorgement or compensation for unjust gains, injunctive relief, and civil money penalties.

In a 2014 enforcement action against ACE, the CFPB entered into a consent order with the lender for $5 million in consumer refunds, a $5 million fine, and the lender agreed to end illegal debt collection threats and harassment, and to stop pressuring consumers into cycles of debt.  ACE is still bound by the order from this previous case. 

As we previously blogged, the CFPB has been laser focused on repeat offenders, and this is just the latest in a string of actions against institutions that the bureau has seen before.

About the Author

Rebecca Tetreau, Senior Regulatory Compliance Counsel, NAFCU


Rebecca Tetreau joined NAFCU as regulatory compliance counsel in February 2021 and was promoted to senior regulatory compliance counsel in August 2022. In this role, Rebecca helps credit unions with a variety of federal regulatory compliance issues.

Read full bio