Although the CFPB may be retreating from exercising its authority to enforce UDAAP violations under the Dodd-Frank Act, Section 5 of the FTC Act continues to be a potent weapon used by regulators, including the FDIC.
What happened
FTC action: In 2017, the Federal Trade Commission filed suit against 12 defendants, accusing them of laundering millions of dollars in credit card charges through fraudulent merchant accounts in violation of the FTC Act and the Telemarketing Sales Rule. The corporate and individual defendants—including an independent sales organization, its sales agents and their principals—allegedly opened dozens of fictitious companies that then opened credit card merchant accounts. The merchant accounts were opened and approved with the knowing participation of the defendants.
In an Arizona federal court complaint, the FTC alleged the defendant ISO submitted the merchant applications and arranged for merchant accounts to be opened, enabling the card transactions, despite obvious signs that the companies were fictitious and being used to conceal the real identity of the merchant. These efforts effectively evaded the anti-fraud monitoring efforts of the processing bank and the credit card networks. Significantly, the defendants were involved in similar fraudulent conduct that previously was enjoined by the FTC. According to the FTC, the defendants were able to continue their fraudulent activities under multiple assumed names in the new scheme.
While the litigation continues against the bulk of the defendants, two of the defendants who functioned as sales agents elected to settle the charges. Their settlement with the FTC prohibits them from engaging in payment processing or acting as an ISO or sales agent, and further bans them from engaging in credit card laundering. A $1.3 million judgment was suspended based on an inability to pay.
FDIC action: In another matter, violations of the FTC Act were alleged by the Federal Deposit Insurance Corporation against a bank that issues prepaid cards on behalf of numerous non-bank entities. The Delaware-based bank engaged in unfair and deceptive practices in violation of Section 5 by overcharging transaction fees for certain point-of-sale, signature-based debit card transactions from December 2010 through November 2014, the regulator alleged.
“The transaction fees assessed on behalf of the Bank by the Bank’s third party payment processor for PINless transactions were greater than the Bank disclosed for such transactions,” according to the Order for Restitution and Civil Money Penalty. As the issuing bank for the prepaid debit cards, the bank was responsible for ensuring that the programs were operating in compliance with all applicable laws, the FDIC said.
The FDIC also indicated that it “has reason to believe” the bank further violated the Electronic Fund Transfer Act, the Truth in Savings Act, and the Electronic Signatures in Global and National Commerce Act.
The bank stipulated to the order, which requires it to provide restitution to cardholders who were assessed transaction fees for PINless debit transactions that exceeded the amount of the fee disclosed by the bank and to deliver a report to the FDIC with information on eligible consumers and its methodology for calculating the amount of restitution. The payments do not limit consumers’ rights in any way, according to the order.
In addition to restitution to consumers—estimated to be almost $1.3 million for approximately 243,000 consumers—the bank must pay a $2 million civil money penalty and comply with Section 5 of the FTC Act going forward. The order also requires the bank to retain an independent auditor to review and verify the bank’s restitution plan and procedures, and requires reporting to the FDIC and ongoing record-keeping for seven years.
Why it matters
The action by the FTC against an ISO and several merchants, alleging that they schemed to defraud consumers and launder money through fraudulent credit card merchant accounts, is part of an ongoing pattern of enforcement by the agency and demonstrates its seriousness in stopping consumer fraud by depriving the fraudsters of access to the credit card networks. The FDIC matter, in which a bank agreed to restitution and a $2 million civil money penalty, demonstrates that the FDIC also can be an aggressive regulator in its efforts to combat violations of consumer protection statutes in the financial services arena.
To read the FTC’s Stipulated Order, click here.
To read the FDIC Order for Restitution and Civil Money Penalty, click here.