Close Close

Regulation and Compliance > Federal Regulation > FINRA

SEC, FINRA, CFPB Enforcement: BofA Busted for Illegal Credit Card Practices

Your article was successfully shared with the contacts you provided.

The CFPB has ordered Bank of America to pay $727 million in consumer relief for illegal credit card practices. Hewlett-Packard will have to pay $108 million to settle SEC and DOJ charges of FCPA violations, while FINRA increased the suspension term of an advisor who appealed its earlier judgment regarding his use of private client information.

Other recent enforcement actions by the SEC include a $20 million penalty against CVS for misleading its investors and committing accounting violations; charges against a Las Vegas transfer agent for disclosure failures; and charges against a Honolulu woman for fraud via social media.

CFPB Penalizes Bank of America $727 Million

The Consumer Financial Protection Bureau has ordered Bank of America to fork over $727 million in consumer relief to repair harm caused by the bank’s deceptive credit card practices.

Roughly 1.4 million consumers were affected by Bank of America’s deceptive marketing of credit card add-on products. The bank also illegally charged approximately 1.9 million consumer accounts for credit monitoring and credit reporting services that they were not receiving. Bank of America will pay a $20 million civil money penalty to the CFPB.

From 2010 through 2012, Bank of America actively marketed two credit card payment protection products, “Credit Protection Plus” and “Credit Protection Deluxe.” Both products allowed customers to request that Bank of America cancel some amount of credit card debt in the event of certain hardships like involuntary unemployment or disability and certain life events such as entering college or retirement.

The CFPB found that the telemarketing scripts Bank of America used for these products contained misstatements. Additionally, telemarketers often went off script to make sales pitches that were misleading and that omitted pertinent information. Over 1.4 million card members were affected by this deceptive marketing.

Among other things, Bank of America misled consumers about the cost of the first 30 days of coverage; the enrollment process for credit protection products; and the benefits of credit protection products.

In addition, consumers were also hit with unfair billing practices by the bank. Bank of America enrolled consumers in identity protection credit card add-on products, known as “Privacy Guard,” “Privacy Source” and “Privacy Assist,” that promised to monitor customer credit and alert consumers to potentially fraudulent activity.

Under federal law, in order for Bank of America or its vendors to obtain consumers’ credit information, the consumers generally must authorize access to credit information. But Bank of America billed consumers for these products without or before having the authorization necessary to perform the credit monitoring and credit report retrieval services.

As a result, the company billed consumers for services they did not receive; unfairly charged consumers for interest and fees; illegally charged about 1.9 million consumer accounts; and, to top it off, failed to provide product benefits.

The CFPB has ordered that Bank of America be prohibited from engaging in illegal practices; end unfair billing practices; repay affected consumers, and do it for the consumers’ convenience; and pay that $20 million penalty to the CFPB’s civil penalty fund.

The Office of the Comptroller of the Currency (OCC) has also ordered Bank of America to pay $25 million in civil money penalties for the unfair billing practices, in addition to those ordered by the CFPB.

Penalty for HP Violations Set at $108 Million

After the SEC charged that Hewlett-Packard violated the Foreign Corrupt Practices Act (FCPA) when its subsidiaries in three different countries made improper payments to government officials to get or retain lucrative public contracts, the company agreed to pay $108 million to settle those charges and the charges in a parallel criminal case brought by the Department of Justice. Ironically, two of those violations occurred in connection with foreign law enforcement agencies.

The Russian subsidiary of Palo Alto, Calif.-based HP paid more than $2 million through agents and various shell companies to a Russian government official to hold onto a multimillion-dollar contract with the federal prosecutor’s office. And in Poland, HP’s subsidiary provided gifts and cash bribes worth more than $600,000 to a Polish government official to obtain contracts with the national police agency.

Another violation occurred as part of HP’s bid to win a software sale to Mexico’s state-owned petroleum company. Hewlett-Packard’s subsidiary in Mexico paid more than $1 million in inflated commissions to a consultant with close ties to company officials, and money was funneled to one of those officials.

According to the agency, the scheme involving HP’s Russian subsidiary occurred from approximately 2000 to 2007. The bribes were paid through agents and consultants to win a government contract for computer hardware and software. Employees within the subsidiary and elsewhere questioned the significant markup paid to the agent on the deal and the subcontractors that the agent expected to use, but no meaningful due diligence was conducted despite the red flags.

Bribes involving Hewlett-Packard’s subsidiary in Poland occurred from approximately 2006 to 2010. Acting primarily through its public sector sales manager, the subsidiary agreed to pay a Polish government official so that it could win contracts for IT products and services. The official got a percentage of net revenue earned from the contracts, and the bribes were delivered in cash from off-the-books accounts.

In the Mexican case, HP’s subsidiary in Mexico paid a consultant to help the company win a public IT contract worth about $6 million. The consultant had connections with a government official at the state-owned company, and at least $125,000 was funneled to the official. Although the consultant was not an approved deal partner and had not been undergone the due diligence company policy required, HP Mexico sales managers used a passthrough entity to pay the consultant inflated commissions. This was internally referred to as the “influencer fee.”

The company has agreed to pay $29 million in disgorgement (approximately $26.47 million to the SEC and $2.53 million to satisfy an IRS forfeiture as part of the criminal matter). It also agreed to pay prejudgment interest of $5 million to the SEC and fines totaling $74.2 million in the criminal case for a total of more than $108 million in disgorgement and penalties.

FINRA Ups Suspension of Advisor Who Appealed Misuse of Customer Info

An advisor who appealed a 10-day suspension imposed by FINRA after he was found to have misused confidential customer information found that his appeal fell on deaf ears. Not only that, the original 10-day penalty was upped to 90 days.

Steven Robert Tomlinson, of Painted Post, N.Y., had appealed FINRA’s judgment that he be suspended for 10 days. FINRA reached the original decision, which also included a $10,000 fine, after Tomlinson was determined to have misused confidential customer information. He took with him data that included account balances and statements, Social Security and account numbers and dates of birth in addition to the permitted names and addresses when he left the credit union where he formerly worked and went to Wachovia Securities, LLC (now Wells Fargo).

Tomlinson had been manager of the credit union’s investment services group. He had also been a Raymond James branch manager; the credit union was affiliated with Raymond James Financial Services.

When Tomlinson left to join Wachovia/Wells Fargo, he used his personal flash drive (with no encryption or password protection) to download information for more than 2,000 customers; his own clients only numbered around 200. Tomlinson claimed that he had no intention of misusing the information, but he gave access to that information to a third party, an administrative assistant at Wells Fargo, opening the data to the risk of a privacy breach.

The hearing panel that first heard the case determined that he should be subject to a 10-day suspension and a $10,000 fine, but Tomlinson appealed. However, his arguments failed to make his case, and FINRA boosted the suspension to 90 days. It did, however, decline to impose the fine or other financial penalties, saying that Tomlinson had proved he was unable to pay it.

CVS to Pay $20 Million to Settle SEC Charges of Misleading Investors

CVS Caremark Corp. has agreed to pay $20 million to settle charges by the SEC that it misled its investors about financial setbacks and engaged in accounting violations to make its financial performance look better.

According to the agency, CVS has two business segments; one as a pharmacy benefits manager, and the other as a retail chain of drug stores. In 2009, in its offering documents for a $1.5 billion bond offering, CVS left out the fact that it had recently lost significant Medicare Part D and contract revenues in the pharmacy benefits segment. That led investors to have unreal expectations about expected future financial results for that line of business. When the truth about the setbacks came out on Nov. 5, 2009, its stock price lost 20% percent in one day.

On the same day, CVS used an earnings call to further mislead investors by maintaining there was a slight improvement in its “retention rate,” which is a key metric of retained business often used to compare pharmacy benefits management companies. However, CVS had manipulated the rate calculation to look better and hide how bad the business loss actually was. Of course it did not tell this to investors.

The accounting violations, said the SEC, took place during the same 2009 timeframe and overstated the financial results for the firm’s retail pharmacy line of business. They were orchestrated by Laird Daniels, the retail controller at CVS. He faces a related SEC proceeding in which he is charged with those accounting violations.

In that instance, CVS altered the accounting treatment for its acquisition of the Longs Drugs chain, and failed to disclose the adjustments in its quarterly report filed on November 5. CVS improperly reduced the value of $189 million of personal property in the Longs stores down to $0, and then reversed $49 million of depreciation that had been taken on those assets since the acquisition. The undisclosed depreciation reversal increased Q3 earnings and enabled CVS to exceed analysts’ expectations at a time when it was otherwise announcing significant bad news about earnings projections in its pharmacy benefits line of business. Proper accounting, on the other hand, would have treated the asset writedown as a current period expense, and the Q3 earnings per share for CVS would have been reduced by as much as 17%.

In addition to the financial penalty paid by CVS, the company, without admitting or denying the charges, has agreed to a final judgment permanently enjoining it from numerous antifraud violations. Daniels, who also has neither admitted nor denied the charges, has agreed to settle the administrative case against him by paying a $75,000 penalty and being barred for at least one year from practicing as an accountant on behalf of any publicly traded company or other entity regulated by the SEC.

Disclosure Failures Bring SEC Charges for Las Vegas Transfer Agent

The SEC has pressed enforcement actions against Las Vegas-based transfer agent Empire Stock Transfer Inc. and two individuals at the firm who were responsible for disclosure failures in registration forms filed with the agency.

Empire’s sole owner, according to its registration forms, was Patrick Mokros. However, Mokros failed to disclose that he relied on another individual to finance his purchase of the firm. Also not disclosed in Empire’s forms is the fact that Mokros allowed his financier to play a significant role in the firm’s operations and receive a substantial portion of the profits.

Matthew Blevins’s role was also undisclosed. The presence of Blevins as a control person, although he was hired in January 2007 to run Empire’s day-to-day operations and oversee the firm’s finances, wasn’t disclosed until March, toward the end of the SEC’s investigation.

To settle the administrative proceedings, Empire and Mokros agreed to pay a $50,000 penalty and Blevins agreed to pay a $25,000 penalty. Without admitting or denying the SEC’s findings, Empire, Mokros and Blevins agreed to a censure and must cease and desist from committing or causing further violations. Empire must also retain an independent compliance consultant.

Check out SEC Enforcement: Traders Used Wives’ Information to Make Insider Trades on ThinkAdvisor.


© 2023 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.