Consumer Financial Services Law Blog
Dykema Gossett PLLC
Dykema Gossett PLLC

Consumer Financial Services Law Blog

Consumer Financial Services Law Blog

News and analysis regarding Consumer Financial Services litigation and regulation, and activities of the Consumer Financial Protection Bureau


Get updates by email

RSS Subscribe to this blog's feed
Twitter Follow us on Twitter

Contributors

Photo of Consumer Financial Services Law Blog Erin F. Fonté
Member
efonte@dykema.com
512-703-6318
View Bio

Showing 4 posts by Erin F. Fonté.

In Brief: CFPB Issues Long-Awaited Final Prepaid Rule

After more than four years of anticipation and speculation from the financial services community, the Consumer Financial Protection Bureau (CFPB) unveiled its final prepaid rule on October 5 (accompanied by an animated video explaining highlights of the rule). Read More ›

CFPB to Issue Proposal in July Amending Rules on TILA-RESPA Integrated Disclosures

Real estate lenders and agents struggling with the new TILA-RESPA Integrated Disclosure rules will have the opportunity to suggest improvements to the rules this summer. On April 28, Consumer Financial Protection Bureau (CFPB) Director Richard Cordray sent a letter to eight financial industry trade groups stating that the agency intends to propose new amendments in late July 2016 to the rules synthesizing mortgage lending disclosures under the Truth in Lending Act (TILA) and Real Estate Settlement Procedures Act (RESPA). Issued pursuant to the Dodd-Frank Act, the rules are known as the TILA-RESPA Integrated Disclosures (TRID) rule, also referred to by the CFPB as the Know Before You Owe rules. Read More ›

QUICK REVIEW—Watching the Watchers: FTC Orders Investigation Into Third Party PCI DSS Qualified Independent Assessors

The FTC’s focus on data security appears to be expanding, with the agency now investigating the processes by which private industry measures data security compliance. On March 7, 2016, the FTC ordered nine different companies who are “Qualified Independent Assessors” to provide detailed information about how they assess their clients’ compliance with the Payment Card Industry Data Security Standards (“PCI DSS”). The nine companies receiving orders range from large accounting firms such as PricewaterhouseCoopers, LLP, to security-focused companies such as Foresite MSP, LLC. They must respond to the Commission within 45 days (absent any extensions that the Commission might grant). The FTC did not state that the orders were issued in connection with any apparent breach or other specific problem, and the agency’s ultimate goal for this inquiry remains to be seen. Read More ›

CFPB Takes First Data Security Enforcement Action Against Dwolla

The Consumer Financial Protection Bureau (“CFPB”) made headlines last week by taking action against Dwolla, an online and mobile payments platform. The CFPB imposed a $100,000 penalty against Dwolla, and while the dollar amount of the penalty may appear to be small compared to other civil money penalties, the action is significant because it is the first action the CFPB has taken in the data security area and provides insight into future enforcement activities surrounding data security by the CFPB. It also serves as a notable reminder of the CFPB’s broad enforcement powers, which go beyond financial institutions to non-FI companies that deliver financial products and services to consumers. While the CFPB lacks authority over the substantive data security requirements that are enforced by the federal financial regulators, that poses no obstacle to the CFPB’s ability to take an action, like this, initiated under its authority to police “deceptive” acts or practices. Read More ›