1. On Tuesday, April 9th, the Office of the Comptroller of the Currency (OCC) assessed a $25 million penalty against Bank of America, N.A., and its credit card subsidiary FIA Card Services, N.A., and ordered restitution totaling approximately $459.5 million to 1.9 million consumer accounts.
The OCC is coordinating its action with the Consumer Financial Protection Bureau (CFPB), which also issued a separate order against the bank to pay a $20 million civil money penalty and ordered restitution to harmed consumers.
The OCC and CFPB found that the bank’s billing practices violated Section 5 of the Federal Trade Commission Act, which prohibits unfair and deceptive acts or practices. The restitution will benefit consumers who enrolled in, and paid for, identity theft protection products between October 2000 and September 2011 but did not receive the full benefit of the products.
The restitution will include the full amount paid for these products, plus any associated over-limit fees and finance charges. The order also requires the bank to improve governance of third-party vendors associated with “add-on” consumer products and submit a risk management program for “add-on” consumer products marketed or sold by the bank or its vendors.
Two recurring themes are readily apparent in recent Federal regulatory actions – weaknesses in vendor management and a high level of risk surrounding the sales of add-on products. Let our former Federal regulators review both aspects of your bank’s operations to avoid similar actions.
2. Comptroller of the Currency, Thomas Curry, expressed concerns this week about the cyber-security risks from banks overly relying on certain vendors and using service providers, especially those in foreign countries.
Let our experienced Federal regulators review your vendor management program to ensure that they are performing in accordance with your wishes and in compliance with consumer protection laws.
