As previously reported in May 2024 FHA announced a requirement for FHA approved lenders to notify the U.S. Department of Housing and Urban Development (HUD) of Significant Cybersecurity Incidents, and the requirement was effective immediately.  Apparently in response to industry criticism, in Mortgagee Letter 2024-23 FHA announced revised requirements.

Originally, for purposes of the reporting requirement, a Significant Cybersecurity Incident (Cyber Incident) is “an event that actually or potentially jeopardizes, without lawful authority, the confidentiality, integrity, or availability of information or an information system; or constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies and has the potential to directly or indirectly impact the FHA-approved mortgagee’s ability to meet its obligations under applicable FHA program requirements.” … Continue Reading

The Attorney General for the District of Columbia has filed suit against ActiveHours Inc., doing business as EarnIn, alleging that the app-based lender deceptively marketed and provided illegal high-interest loans to more than 20,000 consumers in DC.

In the suit, filed in D.C. Superior Court, Attorney General Brian L. Schwalb alleged that the company falsely claimed that its earned wage advance product is not a loan, and that it can be accessed instantly with no mandatory fees and no interest.… Continue Reading

In the wake of the Office of Administrative Law’s approval of its registration and reporting requirements for providers of income-based advances, private postsecondary education financing, debt settlement services, and student debt relief services, California’s Department of Financial Protection and Innovation (“DFPI”) has issued an invitation for comment on “what other industries…the DFPI should establish registration and reporting requirements for under the [California Consumer Financial Protection Law].”… Continue Reading

On November 13, 2024, the Financial Crimes Enforcement Network (FinCEN) issued FIN-2024-Alert004 to help financial institutions identify fraud schemes associated with the use of deepfake media created with generative artificial intelligence (GenAI) in response to increased suspicious activity reporting. “Deepfake media” are a type of synthetic content that use artificial intelligence/machine learning to create realistic but inauthentic videos, pictures, audio, and text to circumvent identity verification and authentication methods.… Continue Reading

California Gov. Gavin Newsom has signed legislation covering a range of consumer protection issues. The bills aim to “strengthen protections for consumers, addressing issues that have put financial strain on Californians while setting new standards for transparency and accountability across industries.”

The legislative package includes the following bills:

  • AB 2017 prohibits state-chartered banks and credit unions from charging nonsufficient funds fees when a transaction is declined instantaneously or near instantaneously for insufficient funds.
Continue Reading

On October 11, California’s Office of Administrative Law (“OAL”) approved the Department of Financial Protection and Innovation’s (“DFPI’s”) registration rulemaking for providers of the following products:

  • Income-Based Advances (more commonly known as earned wage access (“EWA”) products);
  • Private Postsecondary Education Financing (including income share agreements (“ISAs”);
  • Debt Settlement Services; and
  • Student Debt Relief Services.
Continue Reading

The FCC set April 11, 2025 as the effective date for new rules designed to make it easier for consumers to revoke consent for calls and texts subject to the Telephone Consumer Protection Act and requiring callers honor these requests in a timely manner.

The new rules, adopted in February, require that callers honor do-not-call and consent revocation requests within a reasonable time, not to exceed 10 business days from receipt.… Continue Reading

The U.S. Supreme Court has agreed to consider a case that could clarify whether the Hobbs Act, which limits judicial review of FCC final orders to appeals courts, means that district courts must accept the FCC’s interpretation of the Telephone Consumer Protection Act (TCPA).

The case, McLaughlin Chiropractic Associates Inc. v.Continue Reading

The CFPB earlier this month filed suit against Horizon Card Services and its CEO and sole shareholder Robert Kane for allegedly tricking subprime consumers into signing up for a high-fee credit card that only allowed them to purchase goods from the company’s overpriced online store.  

The outlet that consumers were required to use had a limited selection of overpriced or off-brand goods.… Continue Reading