The CFPB recently issued a consent order against a fintech company for allowing contractors and merchants to take out loans on behalf of consumers without their authorization, thereby violating the Consumer Financial Protection Act of 2010. The order requires the company to refund or cancel up to $9 million in loans for harmed consumers, pay a civil penalty of $2.5 million to the CFPB, and prevent future abuses through the implementation of new procedures.
The CFPB alleged that the non-bank institution used merchants, largely those providing home improvements, to offer financing to consumers before making lending decisions based on criteria provided by its partner banks. Proceeds from the loans then bypassed consumers and were distributed directly to the merchants.
The CFPB alleged that between 2014 and 2019 the company received at least 6,000 applications from consumers who did not authorize or request the origination of a loan. The CFPB also alleged that the company failed to create effective controls during the loan application process and failed to implement merchant training and oversight.
The company has neither admitted nor denied any wrongdoing.