Posts filed under ‘Legal Watch’

The End Of The Beginning Of The Medallion Crisis?

Image result for churchill“Now this is not the end. It is not even the beginning of the end. But it is, perhaps, the end of the beginning.” – my man, Winston Churchill

I’m always accused of being a glass half empty kind of guy but this morning I’m here to tell you that I actually see signs that it is perhaps the end of the beginning of the medallion crisis, albeit with the caveat that these are only positive signs in the context of the pummeling medallion prices have taken. Here is why I’m cautiously optimistic that at least we could be headed towards a resolution, albeit a painful one.

Most importantly, the machinery of foreclosure is working. This means that credit unions won’t be caught up in years of litigation over who controls the medallions and under what circumstances. For example, recently a trial court in Queens rejected claims that NCUA, acting in its role as conservator of Melrose Credit Union lacked standing to foreclose on taxi medallions, Union v. Dzhaniyev, 2018 NY Slip Op 30521(U). Similarly, in Melrose Credit Union v. Soyferman, 58 Misc. 3d 1224(A) (N.Y. Sup. Ct. 2018), the court upheld the credit union’s foreclosure action to reclaim a delinquent medallion after a thorough review of the credit union’s promissory note and an analysis of its rights under Article 9 of the UCC.

Why are cases like these important? Because if a floor is ever going to be put in place on the price of medallions, it is absolutely crucial to show prospective buyers that this property can be efficiently transferred. By the way, this is a lesson that New York lawmakers would be wise to learn when it comes to delinquent mortgages but that’s a blog for another day.

Then there is the news that at a recent auction, there were no buyers for the sale of medallions as low as $200,000. How could this possibly be good news when just a few years ago a medallion valued at $200,000 would have been as unthinkable as a Trump presidency? Because as Bay Ridge CEO Anthony Grigos explained to Crain’s, “This [auction] was not to attract the heavy-hitter investors.” Instead, the aim was to “put these 15 medallions back on the road, in the hands of owner-drivers.”

This is the type of creative thinking that is needed right now. The reality is that medallion prices in New York were so high that your average driver couldn’t afford them. Instead there was a thriving secondary market. What the credit union realizes is that the price of medallions is now low enough for your average driver to actually buy one. A driver who has invested his livelihood in a medallion is a lot less likely to stop making payments than a broker.

Do any of these developments indicate that the industry is not in for a painful reckoning? Of course not. But the most important step in dealing with a problem is to admit you have one and these trends indicate that the industry is beginning to grapple with this reality.

DiNapoli Pressures Big Banks Working With Gun Retailers

New York Comptroller, Thomas DiNapoli, jumped on the politically correct banking bandwagon last week. According to the New York Post, it sent a letter to the nine largest banks as well as VISA and MasterCard urging them to crack down on firearm sales lest they suffer “reputational harm” because they allow banking services to be used in firearms transactions.

Not that the largest banks in the world need my support, but we are getting on an awfully slippery slope when politicians start urging financial institutions not to bank with legal businesses or facilitate perfectly legal transactions by consumers as I explained in this recent blog.

April 10, 2018 at 9:03 am Leave a comment

5 Things You Need To Know About Last Week

Increasingly it seems that there’s no down time for credit union news anymore, which is good if you’re a blogger but bad if you are a blogger who took an Easter break. So here in order of descending importance is a look back at some of the key developments that occurred last week with the understanding that I may expand further on these developments in the coming weeks.

DC Federal Court Strikes Down Key Provisions of NCUA’s Community Membership Rules

I know you’ve already heard about this one but considering that it takes about a week to read the decision, there’s still much more that needs to be said about Am. Bankers Ass’n v. Nat’l Credit Union Admin., No. CV 16-2394 (DLF), 2018 WL 1542049, (D.D.C. Mar. 29, 2018). Suffice it to say, that in its ruling the court held that NCUA overstepped its authority in defining a local community as any portion of a combined statistical area that contains no more than 2.5 million people. The court also ruled that the Board did not act rationally in defining a rural district as an area containing up to one million people. The court put a monkey wrench in many credit union expansion plans. Without getting this decision overturned or at least modified on appeal, community based credit unions will find it increasingly difficult to grow to meet member needs. On the bright side, portions of the rule were upheld and there may be a path forward for credit unions and NCUA, even if this decision is not reversed.

Prodigal Son Returns

When I left for vacation, an eight member democratic faction in the state Senate provided an independent power base at the state Capitol. When I came back, the Independent Democratic Caucus was no more. What’s more, Governor Cuomo was vociferously campaigning for Democrats in two upcoming special elections. The practical impact of this development was seen immediately as Senate Majority Leader John Flanagan replaced Jesse Hamilton as the Chair of the Senate Banks Committee with Long Island Republican Elaine Phillips. Remember, for the Democrats to take control of the Senate, they have to win two upcoming special elections in seats vacated by Democrats and convince Democrat Simcha Felder to caucus with them instead of the Republicans.

State Budget Impact

When the legislator finally got the budget deal done on Saturday, it contained a few provisions that will impact credit unions and their operations. S. 7508-C PART QQQQ creates a revolving loan fund for community development financial institution.

The bill imposed a $2.75 charge on ride sharing vehicles in Manhattan. A charge of $2.50 is imposed on medallion taxis. Why does this matter? Because critics of the approach argue that ride sharing vehicles are much more able to absorb the cost of the fee increase than are their medallion counterparts, making it even more difficult for the medallion industry to remain competitive.

This is the way the plan is described in the Governor’s budget press release: “Enact a $2.75 Surcharge on For-Hire Vehicles: To establish a long-term funding stream for the MTA and to reduce motor vehicle congestion, the FY 2019 Budget enacts a surcharge on for-hire vehicles below 96th Street. The surcharge is $2.75 for for-hire vehicles, $2.50 for yellow cabs, and $0.75 for pooled trips. This funding will go into an MTA “lock box,” and will provide long-term funding to sustain for the Subway Action Plan, outer borough transit improvements, as well as a NYC general transportation account.”

 Beneficial Owner Q&A Release

Regulations requiring credit unions and banks to identify the beneficial owners of accounts must be complied with by May 11, 2018. Although many credit unions may not deal with the type of sophisticated entities that this regulation is designed to address, you still need policies and procedures in place to know who the beneficial owner of an account is. You should definitely take a look at this Q&A if you haven’t done so already.

State Treasurers Want Cannabis Meeting With Sessions

With confusion continuing to reign regarding the legal status of marijuana proceeds in states that have legalized its use, a group of state treasurers wrote a letter last Thursday to Attorney General Jeff Sessions requesting a meeting with him to discuss this issue. Since withdrawing the Cole Memorandum in November, the AG has imposed radio silence on how financial institutions should deal with this issue.



April 9, 2018 at 8:59 am Leave a comment

5th Circuit Decision Highlights Importance Of New York Insurance Law Proposal

A recent decision by the Court of Appeals for the 5th Circuit – Chamber of Commerce of United States of Am. v. United States Dep’t of Labor, No. 17-10238, 2018 WL 1325019, (5th Cir. Mar. 15, 2018) – highlights the importance of a New York State proposal initiative to expand the fiduciary obligations of insurance providers. It’s the latest example of the state proactively trying to fill in perceived regulatory gaps where the Federal government has rolled back regulations. This of course has a direct impact on New York credit unions but also provides a template for those of you in states where policy makers may be itching to take similar steps.

In 2016, the Obama Administration Department of Labor expanded the fiduciary obligations imposed on individuals offering products under Title II of ERISA to any individual who offers investment advice for free, who is compensated in connection with a recommendation as to the advisability of buying, selling, or managing an investment product. See, 29 CFR §2510.3-21(a)(1).

Furthermore, this duty to offer fiduciary advice was triggered any time advice is directed to a specific recipient of such advice. Cut through all the legal mumbo jumbo and what the DOL wanted to do was protect consumers against buying insurance products they didn’t need based on advice which was not being offered to help them, but rather to help the broker make a sale. Its direct impact on most credit unions was limited unless they operated an insurance CUSO.

The financial advice investment industry went apoplectic over this new mandate. Last week, it scored an important victory when the Court of Appeals for the 5th Circuit ruled that the DOL exceeded its regulatory authority when it promulgated this rule. For example, the court noted that “The Rule expressly includes one-time IRA rollover or annuity transactions where it is ordinarily inconceivable that financial salespeople or insurance agents will have an intimate relationship of trust and confidence with prospective purchasers. Through the BIC Exemption, the Rule undertakes to regulate these and myriad other transactions as if there were little difference between them and the activities of ERISA employer-sponsored plan fiduciaries. Finally, in failing to grant certain annuities the long-established protection of PTE 84-24, the Rule competitively disadvantages their market because DOL believes these annuities are unsuitable for IRA investors.”

Which brings us back to the Empire State. Our Department of Financial Services has been concerned since President Trump took office that the Republican DOL would gut the regulation and with good reason it has already delayed its implementation. So in late December, the DFS proposed regulations which would extend best interest fiduciary obligations to individuals and companies that sell a broad range of insurance and annuity products. This proposal would have an even greater impact on credit unions than the DOL’s regulations were going to have since it applies to Credit Life insurance, one of the most common products offered by the industry. In making the proposal, the Governor explained that, “As Washington continues to ignore and roll back efforts to protect Americans, New York will continue to use its role as a strong regulator of the financial services and insurance industries to fight for consumers and help ensure a level playing field.”

The DFS is in the process of reviewing comments on its proposal including a letter from the Association, pointing out the damage that the regulation could have for consumers and credit unions alike. It’s possible that proposed amendments will once again be published for comment.

March 28, 2018 at 8:54 am Leave a comment

Overdrafts Continue To Trip Up Financial Institutions

Overdraft litigation is alive and well. Recently, the United States District Court of New Hampshire refused to dismiss a punitive class action brought against Northeast Credit Union involving claims that the credit union did not adequately disclose the way in which it determines how much money is available in a member’s account. As a result, the member claims that persons are made liable for overdraft charges to which the credit union is not entitled. This litigation is by no means unique to credit unions but it does represent an ongoing problem that can be mitigated if the appropriate disclosures are in place.

The facts in Walbridge v. Northeast Credit Union, No. 17-cv-434-JD, 2018 BL 77521 (D.N.H. Mar. 07, 2018) are fairly typical. Walbridge alleges that on March 15, 2016, he had an actual balance in his Northeast checking account [*2] of $111.09. He made a debit card payment of $32.43, which left a balance of $78.66. Northeast, however, determined that he had insufficient funds and charged an overdraft fee of $32.00. Northeast then assessed additional overdraft fees of $32.00 on March 29 and March 30, 2016. Walbridge contends that the overdraft fees were improper.

As I explained in this earlier blog, there are two basic methods for calculating fund availability in accounts. The actual or ledger balance method refers to all money currently in a member’s account or the available method which refers only to those funds actually available for use by the member minus pending debits. Almost all these cases argue that the actual balance method is deceptive or not adequately disclosed by the financial institution since it makes a member think that they have more money available for debit transactions than they actually do.

But remember, no court has argued that one method is legal and another method is not. What is getting credit unions in trouble is that they fail to adequately disclose how their accounts are calculated. For instance, contrast this case with a ruling by a Federal court in DC which rejected claims that NASA Federal Credit Union’s Account Disclosure Statements were ambiguous.

The bottom line is this: Courts have come to differing conclusions based on very similar language. However, one commonality is that the more accurately and plainly you can describe your balance calculation method, the safer you will be. Given the continuing presence of this litigation, I would once again take a look at your disclosures and make sure they accurately describe the method your credit union uses and puts your member on notice when overdrafts are charged.

There’s Big Money In Credit Freezes

This just doesn’t seem right to me. Krebs on Security reported last week that nearly 20% of Americans froze their credit after the Equifax data breach at a collective cost of $1.4 billion to the consumer. That’s right, Equifax made more than a billion dollars off of a breach of its systems. Interestingly, Krebs also reported that the younger you are, the more likely you were to freeze your credit. 32% of millennials, 16% of GenExers, and 12% of baby boomers froze their credit. I would have reversed these numbers.

March 26, 2018 at 9:20 am Leave a comment

What Your Credit Union Needs To Know About The GDPR And Why It Needs To Know It

One of the toughest questions I’ve dealt with since I’ve been with the Association is this seemingly straight forward one: Does my credit union have to comply with the GDPR and if so, what can we do? Impacted companies must be in compliance by May 18th. Keeping in mind that the opinions that I express belong to me alone and are not intended as a substitute for legal advice from a lawyer of your choosing, the purpose of this blog is to give you some further thoughts on the subject as well as to explain why I think the Facebook fiasco will ultimately make the GDPR more relevant to all of us. I apologize for its length but there’s no way to boil this down to a few paragraphs.

What is the GDPR? The General Data Protection Regulations (GDPR) are landmark requirements promulgated by the European Union, designed to give consumers firm control of their electronic data and give the European Union enhanced authority to impose these requirements beyond its borders. Violators face potentially severe penalties.

Why is the GDPR such a big deal? On a policy level it represents a totally different conception of the use and monetization of electronic information than has developed in this country. The US has allowed e-commerce to develop organically. The implicit premise has been that, in return for allowing companies like Facebook to easily access our information, consumers receive an enhanced e-commerce experience. In fact, this has happened.

Conversely, the GDPR represents a conception of personal information as the property of the consumer, control over which the consumer never completely surrenders. Under the European approach, at least in theory, members would know that their personal data was sent to Cambridge Analytica and could simply withdraw their consent for the company to use it.

How do the regulations accomplish this goal? By mandating that consumers affirmatively opt in to providing consent before giving away their personal information AND by mandating that companies be able to both transfer information to another company at a consumer’s request as well as remove a person’s electronic footprint. These rights are known as the “right to be forgotten” and the “right to portability.”

Does the GDPR apply to my credit union? This is the part of my blog that’s going to drive people nuts. On paper the answer is yes. As I explained in a previous post, Article 3, paragraph 1 of the Regulation stipulates that it applies to “the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not.” So on paper the regulation extends to any institution processing and holding data belonging to a citizen of an EU country, regardless of where that consumer happens to be located. For instance, I talked to a downstate credit union that was surprised to find out it had more than a hundred accounts belonging to members who lived in the EU.

Why is this such a big deal? After all, some form of these mandates have already been in effect in Europe. For one thing, this is the first time Europe is trying to impose these mandates outside of its borders. In addition, I’ve read and been told by IT people that, without a serious investment of time and money, these nice sounding mandates are difficult to achieve. They require companies to have the ability to effectively disaggregate data even as more and more of it is being aggregated into the big data hodgepodge. After all, the more information Cambridge Analytica has about Facebook users, the more it can confirm correlations between the type of car they drive, the coffee they drink and their views on gun controls. (I made this example up, but this is exactly the type of research that’s being done).

Can I be sued for not complying with the GDPR? The more I look at the issue, the more I think that the GDPR is likely to become increasingly relevant to your credit union’s compliance efforts, not because of formal action taken against individual companies by the European Union but because courts in this country, rightly or wrongly, recognize the GDPR as the base line standard of care when it comes to protecting a person’s private electronic data. This could happen in one of two ways. First, the GDPR includes a private right of action for consumers who feel their rights under the regulations have been violated.

Secondly, appellate courts may, over time, accept the argument that in an interconnected world, where everything from an individual’s playlist to what they buy when they go shopping could very well be stored on a server in Ireland, it is reasonable to expect companies to recognize the GDPR as the standard of care to which they should be holding themselves.

And let’s keep in mind as legislators seek to react to Facebook and Cambridge Analytica, the GDPR represents a model upon which to create their own system of mandates.

How concerned should my credit union be? Again, this is my opinion, but let’s be a little practical. Regardless of what the EU claims, its ability and desire to impose fines on a credit union that has no physical presence in Europe or does not even advertise its services to Europe is highly questionable. Furthermore, the intent behind the regulation is to put large multi nationals on notice that, to the extent they do business in Europe, then they have to abide by the GDPR. On a practical level, given everything your credit union has to do, investing time and money to comply with the GDPR should be at the bottom of the list unless you actively interact with the European Union.

What’s the bottom line? Unless you are a very unique credit union, I wouldn’t panic about the approaching deadline but I would consider putting a GDPR policy in place since some of what the regulation requires includes measures that your credit union is already taking such as data breach notification protocols. In the medium to longer term, credit unions should be mindful of the GDPR and begin to think of ways that they could comply with its overarching mandates, if not its specific requirements.

The recent Facebook fiasco has finally made people realize that their private information is worth protecting and they’re going to demand that GDPR type restrictions be placed on all companies in financial institutions regardless of where they are located.

March 23, 2018 at 9:55 am 1 comment

Why Friday Was A Good Day For Your Credit Union

It just got a little safer to call or text your members.

Although the ADA has captured most of the industries’ attention, it’s the Telephone Consumer Protection Act that will ultimately have the biggest impact on your operations, at least if regulators get their way. A statute that was intended to deter telemarketers from interrupting your day with unwanted solicitations has morphed into a litigation tripwire, potentially applicable to almost all businesses in America including your CU.

For almost three decades the TCPA has, with limited exceptions dealing with the collection of government debt and emergencies, made it illegal for persons to make phone calls or send texts without first getting the receiver’s permission when communicating with the help of an Automatic Telephone Dialing System (ATDS.)

What exactly is an ATDS? The TCPA defines it as “equipment which has the capacity—(A) to store or produce telephone numbers to be called, using a random or sequential number generator; and (B) to dial such numbers.” 47 U.S.C § 227(a) (1). In 2015 the FCC further refined this definition with a declaratory ruling explaining that an ATDS is any device that can potentially make random or sequential number generated calls with modifications. Just about every smartphone meets this definition since software can be downloaded giving it this capability.

This means that, unless they still use a rotary, just about every time your employees use a phone, chances are the TCPA is applicable. They better have to have a member’s permission before calling them or be willing to pay a $500 fine for each violation.

On Friday The Federal Court of Appeals DC ruled that the FCC went too far. CUNA and the bankers submitted a brief in opposition to the 2015 clarification.

“The Commission’s interpretation of the term ‘capacity’ in the statutory definition of an ATDS,” the Court decided, is “utterly unreasonable in the breadth of its regulatory inclusion. Nothing in the TCPA countenances concluding that Congress could have contemplated the applicability of the statute’s restrictions to the most commonplace phone device used every day by the overwhelming majority of Americans.”

That’s the good news. The bad news is I have read the decision twice and if I were a credit union, I wouldn’t change my call policies anytime soon. We are a long way from getting regulatory clarity as to when the TCPA applies and to what equipment. As the Law360 blog put it in its headline this morning:

“DC Circ. Delivers Relief, But Not Clarity, With TCPA Ruling”

March 19, 2018 at 10:01 am Leave a comment

Chipotle Joins Growing List Of Merchants Who Claim They Are Not Responsible For Their Actions

Image result for chipotle data breachAnother day, another data breach, another lawsuit and another motion to dismiss it by merchants who argue that they have no legal obligation to protect the information of consumers who frequent their establishment or to pay for the foreseeable damages their negligence causes to credit unions and banks.

The latest example of this never-ending cycle comes in the form of a well drafted response by Bellwether Community Credit Union and Alcoa Community Credit Union in opposition to Chipotle Mexican Grill’s motion to dismiss a data breach lawsuit brought by the credit unions. This lawsuit stems from a March 17th hack of Chipotle’s point of sale systems that the credit unions allege affected more than 2,200 of the restaurants nationwide.

What makes this lawsuit intriguing to yours truly is that in addition to the standard arguments, the credit unions are arguing that the restaurant’s conduct violated the Defend Trade Secrets Act of 2016 (15 USC 1831). This Act makes it illegal for a company to intentionally “convert a trade secret, that is related to a product or service used in or intended for use in interstate or foreign commerce, to the economic benefit of anyone other than the owner thereof, and intending or knowing that the offense will, injure any owner of that trade secret.”

This argument may have been used before but this is the first time I have seen this argument in credit union land and it made me Google the Federal statute. In order for the credit unions to go forward on this claim, they are going to have to convince the judge that credit and debit card information is a “protectable trade secret” and that Chipotle’s negligence amounted to a disclosure of this information to the hackers.

I know I sound like a broken record and I know I’m preaching to the converted, but the fact that we are still arguing about what duties merchants owe to whom and under what circumstances is tantamount to debating whether automobile companies should be liable for car defects that manifest themselves in Alaska or Hawaii. Merchants such as Chipotle and Target are national economic actors and common sense tells you that they should be responsible for the harm they cause no matter where it manifests itself.

Now that the House Republicans have assured us that Donald Trump did not collude with Russia in the 2016 Presidential campaign, perhaps reasonable minds can come to a consensus on national data breach standards. When I went to Washington a couple of weeks ago, I was surprised at how many members of both parties seem to agree that now is the time to take a serious look at the idea.

Better late than never.

March 13, 2018 at 8:57 am 1 comment

Older Posts

Authored By:

Henry Meier, Esq., General Counsel, New York Credit Union Association.

The views Henry expresses are Henry’s alone and do not necessarily reflect the views of the Association.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 483 other followers