CFPB Fines Bank of America for Multiple Violations

Adam Witmer
Regulatory Update, UDAAP, Regulation Z

On July 11, 2023, the CFPB ordered Bank of America to pay more than $100 million to customers for systematically double-dipping on fees imposed on customers with insufficient funds in their account, withholding reward bonuses explicitly promised to credit card customers, and misappropriating sensitive personal information to open accounts without customer knowledge or authorization. Bank of America will pay a total of $90 million in penalties to the CFPB and $60 million in penalties to the OCC, which also found that the bank’s double-dipping on fees was illegal.

From CFPB Director Rohit Chopra’s statement:

“Bank of America wrongfully withheld credit card rewards, double-dipped on fees, and opened accounts without consent. These practices are illegal and undermine customer trust. The CFPB will be putting an end to these practices across the banking system.”

Bank of America is a global, systemically important bank and has one of the largest coverages in consumer financial services in the country. According to the CFPB, Bank of America harmed hundreds of thousands of consumers over a period of several years and across multiple product lines and services. In particular, the CFPB found that the bank:

  • Deployed a double-dipping scheme to harvest junk fees. was found that Bank of America double-dipped by allowing fees to be repeatedly charged for the same transaction and by illegally charging multiple $35 fees after the bank declined a transaction because the customer did not have enough funds in their account.

  • Withheld cash and points rewards on credit cards. According to the CFPB, the bank failed to honor rewards promised to consumers. In addition, the bank also denied sign-up bonuses to consumers due to the failure of Bank of America’s business processes and systems.

  • Misused Sensitive Customer Information to Open Unauthorized Accounts. It was found that the bank’s employees illegally applied for and enrolled consumers in credit card accounts without consumers’ knowledge or authorization in order to reach sales-based incentive goals. This resulted in consumers being charged with unjustified fees, suffering negative effects to their credit profiles, and spending time correcting errors.

According to the Bureau, the Bank of America violated UDAAP, FCRA, and TILA. With this, the CFPB ordered the bank to:

  • Stop its repeat offenses;

  • Pay redress to harmed consumers; and

  • Pay $90 million in penalties to the CFPB.

Read the CFPB’s press release here.

The consent order against Bank of America for unauthorized credit card accounts, false promises on credit card rewards, and using customers’ credit reports without permission can be found here.

The consent order against Bank of America for its double-dipping fee scheme can be found here.

Adam Witmer
Regulatory Update, UDAAP, Regulation Z
Adam Witmer

Adam Witmer is a speaker, author, and founder of the Compliance Cohort. Adam has taught hundreds of seminars and training sessions to thousands of bankers throughout the United States and teaches on all areas of regulatory compliance. Adam has written five e-books that he never published, hit a grizzly bear while driving in a National Park, and is an award winning photographer and musician (though he no longer takes photos nor plays any instruments). In his spare time, Adam can be found kayaking on the lake, doing taekwondo with his kids, working on his (project) house, or spending time with his family.

Website

SEC Takes Action Against Merrill Lynch and BACNAH for Failing to File SARs

FTC Issues Final Guidance on the Use of Endorsements and Testimonials in Advertising