In its second lawsuit filed under Acting Director Uejio, the CFPB alleges that BrightSpeed Solutions, Inc. and its founder and former chief executive officer violated the Consumer Financial Protection Act and the Telemarketing Sales Rule by processing payments for companies engaged in internet-based technical-support fraud.  The lawsuit serves as a reminder of the risks to payment processors of failing to implement adequate policies and procedures designed to avoid establishing or maintaining relationships with disreputable merchants.

In its complaint filed in an Illinois federal district court, the CFPB alleges that between 2016 and 2018, the defendants processed remotely-created checks (RCC) for more than 100 merchant-clients that purported to provide antivirus software and technical-support services but actually tricked consumers, often older Americans, into purchasing expensive and unnecessary computer software (Tech-Support Clients).  The sales resulted from telephone calls initiated by consumers who viewed online advertising placed by Tech-Support Clients.

The CFPB alleges that the defendants:

  • Were aware of nearly a thousand consumer complaints about Tech-Support Clients and police reports filed by consumers
  • Had an overall return rate for Tech-Support Clients that averaged between 22% and 24%
  • Received expressions of concern about consumer complaints concerning Tech-Support Clients from the banks at which the defendants maintained RCC processing accounts
  • Made false and misleading statements to the banks about the degree to which they vetted Tech-Support Clients, the nature of their business relationships with Tech-Support Clients, and the degree to which they monitored their transactions
  • Failed to put reasonable controls in place to meaningfully vet Tech-Support Clients
  • Failed to monitor and promptly suspend a Tech-Support Client after learning it was likely defrauding consumers

The TSR prohibits (1) a seller or telemarketer from creating RCCs or causing RCCs to be created as payment for goods or services sold through telemarketing, and (2) any person from providing substantial assistance to a seller or telemarketer when such person “knows or consciously avoids knowing” that the seller or telemarketer is engaged in a practice that violates the RCC prohibition.  Based on the conduct described above, the CFPB alleges that the defendants provided substantial support to Tech-Support Clients in violation of the TSR and engaged in unfair acts and practices in violation of the CFPA because they knew or should have known that Tech-Support Clients were using RCCs in violation of the TSR’s RCC prohibition and were engaging in fraud.

The CFPB’s complaint asks the court to prohibit the defendants from participating in the business of payment processing and also seeks damages, consumer redress, disgorgement, and civil money penalties.

In recent years, the FTC has made payment processors an enforcement focus.  The FTC has indicated that it views scrutiny of payment processors as integral to its anti-fraud efforts because of the processor’s role in facilitating fraudulent schemes.  Under former Director Cordray’s leadership, the CFPB targeted payment processors for companies involved in alleged debt collection scams and alleged debt settlement or relief scams.