On April 21, 2016 the Consumer Financial Protection Bureau (CFPB) filed suit against two owners of a company who resold loan applications containing sensitive personal data to lenders and data brokers without assessing the sources of those leads or purchasers they sold the lead data too. The CFPB filed suit against the owners of D and B Marketing, Inc. d/b/a T3Leads, Dmitry Fomichev and Davit Gasparyn. T3Leads is a lead aggregation company based in Burbank, California that purchased and sold payday and installment loan applications without properly vetting buyers and sellers.
T3Leads and two other parties were previously sued by the CFPB in December of 2015 in a separate lawsuit but this suit targets the individual co-founders of T3Leads.
CFPB Richard Cordray stated that “T3Leads steered consumers towards bad deals with lenders it didn’t vet and with no regard for how consumer’s information would be used. This is a reminder to the middlemen who buy and sell consumer loan applications: if you engage in this type of conduct, you risk the consequences of harming people.”
Lead aggregators buy consumer information (also called Leads) from Lead Generators, which are websites that market payday and installment loans. These Leads often contain personal information such as a consumer’s name, telephone number, home and email addresses, references, and employer information.
The CFPB claims jurisdiction over T3Leads and the two co-founders for violating Unfair, Deceptive, or Abusive Acts or Practices [UDAAP].
In these lawsuits the CFPB alleges that T3Leads did not vet or monitor its lead buyers, exploited consumer’s lack of understanding of the risks, costs, and conditions of the loans being applied for, and put consumer information at risk of being trafficked for illegal purposes. T3Leads purportedly sold consumer information to Indian Tribes and lenders based in foreign countries who according to the CFPB “often skirt state laws or deny the jurisdiction of U.S. courts.”
Of particular importance is the CFPB’s seemingly new tool it is using for UDAAP enforcement called “Reverse Vendor Management Oversight“. T3Leads is accused of failing to vet or monitor its upstream lead generator vendors whom it was purchasing its leads from. The monitoring of upstream vendors is a concept that could have particularly ground shaking effects on every industry the CFPB regulates including the entire residential lending industry.
The Bureau alleged that T3Leads:
“Ignored false or misleading statements about lenders obtaining consumer applications: Consumers who applied for loans through T3Leads’ lead generators had no control over who received their application and had to trust T3Leads’ selection of lenders in its network. But those lead generators suggested that its lenders met certain standards, and often falsely claimed to match consumers with lenders that “follow the rules” or offer “reasonable” terms.”
Failed to vet or monitor purchasers: T3Leads failed to vet purchasers before adding them to its network or selling them leads, and did not require lenders to provide information about whether they complied with state laws.
Steered consumers toward unfavorable loans: T3Leads’ process often steered consumers to lenders offering less favorable loan terms than otherwise available. In particular, consumers were likely to be connected to lenders that ignore state usury limits or claim immunity from state regulation and jurisdiction. These entities often charge higher interest rates than lenders that do comply with state laws, and they often paid the highest prices for leads from T3Leads.”