Liability for Banks for Payday Lending: Risks to Consider

In what now appears to be a strategic shift, plaintiffs are focusing their efforts on the financial institutions that act as intermediaries in the repayment of payday loans. These banks, however, are not acting as lenders, or interacting in any way with the borrowers. The Automatic Clearing House (ACH) is an electronic payment system in which financial institutions process deposits and payments. In an ACH transaction

• a customer authorizes a financial transaction with a business;
• that business transmits the authorization to its originating depository financial institution (ODFI);
• the ODFI transmits the debit or credit to an ACH operator, which is either a private entity or a Federal Reserve bank;
• the ACH operator then transmits the debit or credit to the customer’s bank, the receiving depository financial institution (RDFI). The RDFI then makes the actual credit or debit on the customer’s account.
• An ODFI can also choose to use a third-party entity, known as a third-party service provider, to perform the ODFI’s functions with respect to processing ACH transactions.

The National Automated Clearing House Association (NACHA) serves as an industry trade association and the administrator of the ACH network. It administers private-sector operating rules governing the exchange of ACH payments, including urging ODFIs to conduct due diligence and a risk assessment of their ACH activities. This risk assessment should account for several factors, including (i) performing diligence to determine whether originators and third parties are able to perform their obligations; (ii) assessing their ACH activities and considering any risks they present; and (iii) monitoring origination and return activity, including enforcing exposure limits and restrictions. In doing so, the ODFI should consider reputational risk, credit risk, operating risk, fraud risk, and systemic risk.

Recent lawsuits have been filed against financial institutions that were acting as the payday lender’s ODFI in transmitting ACH debits. Among others, plaintiffs have brought putative class actions against BMO Harris Bank, N.A., First Premier Bank, Bay Cities Bank, Missouri Bank & Trust, and National Bank of California. These plaintiffs have asserted claims alleging, among other things, that the ODFIs were unlawfully engaged in the “collection of unlawful debts” under the federal RICO statute. The plaintiffs seek a refund of every ACH debit where the defendant was the ODFI for a repayment of a loan to a payday lender.

Besides private litigation, the federal and state governments have dedicated significant resources to investigating payday lending. The U.S. Department of Justice is conducting an initiative known as “Operation Choke Point,” which is scrutinizing financial institutions acting as ODFIs. On January 8, 2014, the federal government brought its first action under this initiative, against Four Oaks Fincorp, Inc., and Four Oaks Bank & Trust Company. Relying on the Bank Secrecy Act and Patriot Act, the government alleged, among other things, that these banks had failed to conduct an effective compliance program to prevent illegal use of the banking system by their customers. The government alleged that Four Oaks entered into a five-year agreement with a third-party processor that was processing payments on behalf of payday lenders, among others. Through this arrangement, the bank allegedly allowed the companies to unlawfully withdraw more than $2.4 billion from customers’ accounts throughout the United States. The complaint noted that federal agencies, including the Federal Deposit Insurance Corporation (FDIC), Office of the Comptroller of Currency (OCC), Federal Financial Institutions Examination Council (FFIEC), and Financial Crimes Enforcement Network of the Treasury Department (FinCEN), have warned financial institutions about a heightened risk of unlawful activities when dealing with third-party payment processors. Along with the complaint, the government filed a proposed consent order granting certain injunctive relief and ordering the bank to pay a civil fine of $1 million. The court has not yet entered this order.

In addition to the federal government, the state of New York has also been active in this area, both in litigation and in encouraging more regulation. On January 14, 2014, the New York Department of Financial Services sent a letter to the NACHA urging that it mandate that ODFIs “review the Originator Watch List and Terminated Originator Database” as part of due-diligence efforts. These databases identify originators and third-party processors that meet certain risk criteria indicating “unsound business practices.”

Going forward, banks acting as ODFIs should be aware of the increased risk and scrutiny they will face, and should review their due-diligence and risk-mitigation procedures. To the extent a bank becomes involved in litigation or an investigation regarding payday-lending issues, the government or private litigant will try to show that the bank failed to act diligently and ignored red flags indicating unlawful transactions, including internal warning, law-enforcement inquiries, a large volume of unauthorized transactions, and complaints from other financial institutions. Banks should be particularly sensitive to this risk if they have contracted with third-party providers to provide ODFI services because the government will closely scrutinize those relationships to ensure that the ODFI is complying with its obligations. To the extent an ODFI is providing services on behalf of a payday lender, the ODFI likely could face potential liability. Therefore, it should review its diligence and compliance procedures, including with the assistance of external counsel, to ensure that they are sufficiently robust.

Keywords: litigation, corporate counsel, originating depository financial institution, ODFI, Automatic Clearing House, ACH, NACHA

Kevin F. Meade is an associate with Weil, Gotshal & Manges LLP, in New York, New York.