10 min read
On September 28th, 2019, Navient issued their own statement, stating that they have taken action regarding the actions of the Consumer Financial Protection Bureau (CFPB) in regard to the collection of student loan payments. In their statement, Navient stated that they “have not engaged, nor are currently engaged, in any conduct relating to the collection of federal student loans that would violate applicable consumer protection laws or regulations.” The CFPB has also released their own statement about this matter, stating that they don’t believe that Navient violated CFPB rules.
Consumer Financial Protection Bureau’s Actions
The Consumer Financial Protection Bureau (also known as the CFPB or just the bureau), was created by the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, signed into law by President Obama and Congress on July 21st, 2010. The Consumer Financial Protection Bureau was given the mission to protect consumers from financial exploitation and to promote fair, transparent, and competitive markets.
According to the CFPB’s statement, Navient was first notified that their actions may be considered a violation of the Consumer Financial Protection Act (CFPA) by the CFPB in April 2019. On June 6th, 2019, the CFPB sent Navient a letter requesting information on how Navient collected federal student loan payment data, including what types of services were offered, who received the data, and how the data was stored. After receiving this letter, Navient hired an outside firm to review their processes for collecting federal student loan payments. The company reviewed Navient’s processes over three months and reported back to Navient. Navient then conducted its own investigation.
In a press release dated August 23rd, 2019, Navient responded to the CFPB and informed them that none of their contracts with third parties included the collection of federal student loan payments. They also noted that Navient does not store customer records anywhere except in databases owned by third parties. Navient also stated that they do not engage in identity theft or fraud, and that if they did collect student loan payments, it was done only after verifying the validity of each borrower’s account. Navient also stated in their press release that while they understand the importance of protecting consumer privacy, it requires extensive security measures. Navient states that they had already implemented many of these measures prior to notification from the CFPB, and that the added steps that the CFPB requested could cause delays.
Yes, the attorney representing the Ohio borrowers filed a complaint against Navient on October 24, 2019. The case name is Robert W. Ricks v. Navient Solutions, Inc., Case No. 1:19-cv-02443. The Attorney General of Ohio sued Navient on behalf of the state and the named plaintiffs. The Attorney General alleges that Navient has been violating the CFPA since at least 2016, and possibly before that date. The Attorney General further contends that Navient collected information about borrowers without permission and without providing notice. They allege that Navient collects private information about students, including names, dates of birth, social security numbers, and bank account details. The Attorney General argues that the practices of Navient put borrowers’ personal information at risk, and that Navient should be held responsible for damages caused by its unlawful activities.
The United States Department of Justice (DOJ) issued preliminary views on its interpretation of Section 521(a)(1)(A) of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act), which authorizes the DOJ to bring suit under FINRA Rule 8200 alleging violations of certain federal securities laws, including Sections 10(b) and 15(c)(1) of the Securities Exchange Act of 1934 and SEC Regulation M.
For the purposes of this article, we refer to the DOJ’s interpretation of what constitutes a Section 10(b) violation as a “10(b) theory.”We do not mean to suggest that the DOJ would ultimately interpret the provision as providing a private right of action under Section 10(b). Rather, we use the term “10(b) Theory” to describe the way in which DOJ appears to have interpreted the provision. Specifically, DOJ’s position appears to be based upon its reading of the statute and then applying this construction to the facts before it. Thus, we think of DOJ’s approach here as being similar to how courts generally construe statutes—by looking at the statutory text first and then giving effect to its plain meaning. In addition, we note that, as discussed below, our understanding of the scope of the language contained in the provision does not necessarily preclude DOJ’s interpretation and application of the statute. Nevertheless, we believe that it is helpful to understand DOJ’s apparent approach to interpreting the provision.
According to Section 521(a)(l)(A),
Notwithstanding any other provision of law, no court shall have jurisdiction over an action brought pursuant to this section or the rules or regulations thereunder, except that the Commission may seek injunctive relief in the Court of Appeals for the District of Columbia Circuit if it determines that a person violates this paragraph willfully or with gross negligence.
In short, Section 521(a) states that only the Commission may sue for alleged violations of the federal securities law’s anti-fraud provisions.However, the provision further authorizes the Attorney General to file suit in the appropriate district court in cases where the Commission determines that a person violated the anti-fraud securities laws willfully or with gross negligence but did not commit fraud. The provision further provides that these actions cannot be filed in a district court unless they involve fraud claims. Accordingly, to fit within the exception, the Commission must determine that a defendant has committed fraud while disregarding the language indicating that the exception applies only to cases involving fraud.
As applied to the facts here, the Commission could argue that Navient willfully or with gross negligence failed to disclose material information relating to the financial condition of borrowers; failed to provide accurate, complete, or timely disclosures of information pertaining to loans; failed to verify borrowers’ representations for purposes of loan servicing; and failed to maintain adequate internal controls. Therefore, the Commission could potentially assert that Navient violated the antifraud provisions of the securities laws. However, under Section 521(e), the remedy for violating these provisions is civil money penalties rather than the sought-after recovery.
On August 9th, 2017, Navient, Inc., a consumer finance company headquartered in Tempe, Arizona, was notified by the United States Office of Personnel Management (“OPM”) of a data breach involving Social Security numbers of employees and former employees. OPM, the federal agency responsible for managing personnel records for the government, reported that they had been notified by a third-party, who indicated that their personal information may have been downloaded by hackers sometime between April 4 and May 10, 2016. According to reports, the hack affected approximately 4 million individuals, including current and former Navient employees.
In addition to notifying OPM, Navient, Inc. took steps to notify the impacted consumers. On August 16, 2017, a notice was sent via email to consumers advising them of the security issue and providing instructions on how to enroll in identity protection services offered by Experian. However, Navient, Inc. did not release any details regarding whether or not the breach occurred, nor did they provide any updates on what actions were being taken to remedy the situation.
The Federal Information Security Modernization Act requires companies to disclose breaches of personal information within 24 hours of discovery. Failure to comply with the law would subject Navient, Inc. to civil fines of $250,000 per violation. Additionally, the General Services Administration (“GSA”) issued a statement requiring Navient, Inc. and other financial service providers to report breaches. However, Navient, Inc., however, failed to inform the GSA of the breach until after the deadline for reporting had passed.
Furthermore, despite having been informed that the breach occurred, Navient, Inc.’s website remained unavailable for several days. Finally, only when the public became aware of the problem and began contacting Navient, Inc., did the company begin taking action. At the time of publication, Navient, Inc.’s website has yet to return to its normal working state.
Consumers Should Be Vigilant When Receiving Emails From Financial Service Providers
Consumers should take precautions in order to protect their own personal information. While the company’s failure to promptly notify customers of the breach may seem insignificant, many financial institutions hold sensitive information, such as credit card information, bank account balances, and social security numbers. As a result, consumers may find themselves at risk of identity theft if cybercriminals obtain personal identifying information.
Additionally, consumers should be vigilant when receiving emails from financial institutions. Many times, these emails appear legitimate, but instead of informing you of a system outage, they are attempting to gain access to your private information.
A consumer protection act was passed in July 2009.
A number of lawsuits have been filed since then.
In 2014, the government settled a suit challenging the student loan servicing practices of Navient; no changes were made to the original terms of the loans involved. (Some states have sued Navient over similar issues.)
In 2015, the Department of Education announced that it had reached a settlement with Navient over its debt collection practices. Under the settlement, the company agreed to pay $100 million and make various changes to its collection policies. However, the Department of Justice, in 2016, released a statement that the federal government would not pursue any criminal prosecution of Navient employees who engaged in abusive collection practices. The company faces several ongoing state investigations related to these allegations.
In 2017, following the passage of the GOP tax cut bill, the Federal Reserve Board issued rules requiring banks subject to regulations under Section 941(a)(1) of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 to report certain information about accounts held by taxpayers who owe back taxes, including balances owed, type of tax liability, and details about the account holder’s payment history.
In 2018, the Office of the Comptroller of the Currency finalized rules governing the use of taxpayer identification numbers (TINs) associated with delinquent taxes, providing guidance on how those TINs may be used by both the IRS and third parties to identify delinquency information pertaining to individual taxpayers.
In 2019, the Tax Cuts and Jobs Act added a provision directing the Treasury Secretary to issue regulations for qualified tuition programs, a program that allows individuals to deduct interest paid on their credit card debts instead of paying income tax on the money they borrow to fund their education. These regulations are expected to take effect in January 2020.
In March 2019, the U.S. District Court for the Northern District of Illinois ordered Navient to stop charging late fees and penalties without first giving written notice to borrowers.
In April 2019, the Department of Education and Navient entered into a consent decree settling claims arising out of the company’s debt collection practices. As part of the consent decree, the company will spend $20 million annually for five years—beginning in 2021—on customer service training and debt resolution efforts aimed at helping distressed borrowers avoid collections.
In September 2019, the Consumer Financial Protection Bureau issued a ruling stating that a student loan servicer cannot charge illegal overdraft fees if a borrower makes a single transaction using his or her debit card.
In October 2019, the Consumer Finance Protection Bureau (CFPB) unveiled a website designed to help consumers understand their rights and remedies regarding their student loans. The site includes information about repayment options and guidelines regarding how to negotiate with lenders.
In November 2019, the Department of Justice announced that it would not file charges against any former employees of Navient accused of engaging in fraudulent activity while working on behalf of the department.
In December 2019, the Department of Health and Human Services issued proposed regulations to implement the Qualified Tuition Program (QTP), a provision added to the Tax Cuts and Job Acts that enables students to deduct interest payments attributable to student loans taken out after December 31, 2017.
In January 2020, the Internal Revenue Service updated its guidance on the use of Taxpayer Identification Numbers (TINs) for delinquent taxes, clarifying that TINs can be used to report delinquency data on individual taxpayers who owe back taxes.
Actions have been taken by Navient to ensure transparency in their financial practices and prevent further harm from being done to consumers who may not understand how their account operates.
In early November 2018, Navient agreed to pay $125 million to settle charges brought by federal regulators relating to allegations that they misled borrowers about the cost of student loans and failed to provide borrowers with accurate disclosures, including loan forgiveness programs.
On November 14, 2019, the Department of Education announced that Navient had agreed to pay $562.5 million to resolve additional claims related to its servicing of federally-insured student loans. This settlement follows an investigation into whether Navient engaged in unfair and deceptive practices in connection with two types of borrower accounts, known as Income Based Repayment (IBR) and Pay As You Earn (PAYE).
For consumers, these settlements mean significant relief from debt collectors and collection attorneys and the opportunity to receive refunds.
Consumers who experience problems with these servicers should contact the Federal Trade Commission at 1-877-382-1222 or visit www.consumerfinance.gov/complaint.
The FTC will continue to review cases and investigate complaints about consumer protection issues related to the Consumer Financial Protection Bureau’s (CFPB) enforcement actions.
In addition to working to protect consumers, the agency continues to work with state agencies, law enforcement officials, and other federal agencies to help educate and hold accountable those individuals who engage in predatory lending practices.
In April 2014, the CFPB issued a rule to require credit reporting companies to implement reasonable procedures to reduce errors and inaccuracies in credit reports and to improve the accuracy of credit scores.
This rule was implemented in July 2017.
On March 2, 2016, the CFPB released a proposal requiring providers of mobile services to disclose information about data privacy and security protections for consumers.
On August 9, 2016, the CDPB published proposed regulations that would create a new “data breach notification” requirement, similar to the current requirements for certain covered entities under HIPAA.
The CFPB published final rules implementing the disclosure requirements under Section 312(a)(8) of the Dodd-Frank Wall Street Reform and Consumer Protection Act on February 27, 2017.
►HEY, we’ve got more valuable information here: ►CLICK HERE LOANS FOR STUDENTS◄
►Cloud of related items ▼
Related Links ▼
► ABOUT US